Security Blog

Posts about my work in Engineering, IT, and Security


Chromebooks for Enterprise Security: A Comprehensive Guide

When we mention enterprise computers, most of us instantly picture the typical Windows or macOS systems. But in this blog, I aim to challenge the norm and introduce an often-overlooked contender: Chromebooks. ChromeOS’s unique security features combined with a lightweight design make Chromebooks a compelling tool for modern businesses. Let’s delve deeper into why Chromebooks could be an intriguing choice for your enterprise security. Understanding Chromebooks for Enterprise…


ChatGPT in Cybersecurity: Potential and Pitfalls

As the cybersecurity landscape rapidly evolves, leveraging the most advanced tools is no longer optional – it’s imperative. One such emerging technology garnering attention is large language models (LLMs) like GPT-3. Thanks to their ability to understand and generate human-like text, LLMs offer exciting opportunities to streamline and enhance various aspects of a cybersecurity program. However, as with any technology, they come with their own set of challenges…


Cybersecurity KPIs: Moving beyond MBOs

Every savvy business leader knows the importance of setting and managing objectives for their teams. Many have adopted Peter Drucker’s Management by Objectives (MBOs) strategy to align their team’s goals with those of the organization. In the world of cybersecurity, however, the rapidly evolving threat landscape calls for a more dynamic approach to managing progress and performance. In this context, cybersecurity KPIs (Key Performance Indicators), underpinned by Drucker’s…


Staff Engineer: A Deep Dive into Leadership Beyond Management

Introduction: You’ve reached that crossroad in your career – senior engineer. It’s a proud moment, and yet, one with its fair share of uncertainty. The fork in the road is well-documented: a choice between progressing into management or continuing to hone your skills as an individual contributor. For a long time, the career path for many software engineers seemed to be culminating towards management. But, as I mentioned…


CRXcavator: Democratizing Browser Security

Few tools have transformed the landscape of browser extension security as profoundly as CRXcavator. Born out of a simple idea, it has gone on to shape industry practices and empower organizations across sectors with robust security oversight. It all began with a straightforward concept – to design a script that could help security analysts review Chrome Extension requests in an efficient and consistent manner. As simple as the…


Crucial Conversations: High-Stakes Dialogues in Security

In the journey of professional and personal development, few resources have been as impactful in my life as the book “Crucial Conversations: Tools for Talking When Stakes Are High.” Penned by Kerry Patterson, Joseph Grenny, Ron McMillan, and Al Switzler, this seminal work is a crucial guide (pun intended) for navigating high-stakes conversations. As part of my ongoing “Book Report” series, let’s dive into the valuable lessons this…


Five Dysfunctions of a Team helps Mature Security Engineering

Introduction: As a security engineering leader with over twenty years of experience in the IT and security space, I’ve encountered numerous challenges in managing teams. From building corporate security and detection programs to leading Security Operations Centers, I’ve seen a fair share of dysfunction in teams. It’s important to acknowledge that team dysfunctions aren’t exclusive to a particular industry. Regardless of the sector, the problems of trust, fear…


Hacking the Gibson, Then and Now: Lessons from “Hackers”

In the 1995 movie “Hackers”, young cyber rebels, portrayed by actors such as Jonny Lee Miller and Angelina Jolie, infiltrate computer systems, outsmart corporate security, and ultimately save the day. The movie, while dated in terms of technology, surprisingly remains relevant when it comes to its depiction of cybersecurity threats. In fact, it seems that despite the massive technological advancements we’ve seen in the past 30 years, many…


The Phoenix Project changed how I lead Security Engineering

In the realm of Information Technology, few books have made as profound an impact as Gene Kim’s “The Phoenix Project.” This novel, draped in the garb of a corporate thriller, introduces us to an IT manager, Bill, who is thrust into the chaotic world of a project – code-named Phoenix – on the brink of disaster. As the book unfolds, Bill battles not only the looming…


Leading without authority: Invisible Security

Running a Cyber Security program for your organization is leadership, and often it’s leading without authority. For your program to run effectively it must: Lead without imposing: Your users should feel like they’re making security decisions because they make sense, not simply because they’ve been mandated to do so; this is especially necessary when you’re leading without authority. When they do need to make a decision that impacts their…
