Security Blog

When we mention enterprise computers, most of us instantly picture the typical Windows or macOS systems. But in this blog, I aim to challenge the norm and introduce an often-overlooked contender: Chromebooks. ChromeOS’s unique security features combined with a lightweight design make Chromebooks a compelling tool for modern businesses. Let’s delve deeper into why Chromebooks could be an intriguing choice for your enterprise security. Understanding Chromebooks for Enterprise…

As the cybersecurity landscape rapidly evolves, leveraging the most advanced tools is no longer optional – it’s imperative. One such emerging technology garnering attention is large language models (LLMs) like GPT-3. Thanks to their ability to understand and generate human-like text, LLMs offer exciting opportunities to streamline and enhance various aspects of a cybersecurity program. However, as with any technology, they come with their own set of challenges…

Every savvy business leader knows the importance of setting and managing objectives for their teams. Many have adopted Peter Drucker’s Management by Objectives (MBOs) strategy to align their team’s goals with those of the organization. In the world of cybersecurity, however, the rapidly evolving threat landscape calls for a more dynamic approach to managing progress and performance. In this context, cybersecurity KPIs (Key Performance Indicators), underpinned by Drucker’s…

Introduction: You’ve reached that crossroad in your career – senior engineer. It’s a proud moment, and yet, one with its fair share of uncertainty. The fork in the road is well-documented: a choice between progressing into management or continuing to hone your skills as an individual contributor. For a long time, the career path for many software engineers seemed to be culminating towards management. But, as I mentioned…

Few tools have transformed the landscape of browser extension security as profoundly as CRXcavator. Born out of a simple idea, it has gone on to shape industry practices and empower organizations across sectors with robust security oversight. It all began with a straightforward concept – to design a script that could help security analysts review Chrome Extension requests in an efficient and consistent manner. As simple as the…

In the journey of professional and personal development, few resources have been as impactful in my life as the book “Crucial Conversations: Tools for Talking When Stakes Are High.” Penned by Kerry Patterson, Joseph Grenny, Ron McMillan, and Al Switzler, this seminal work is a crucial guide (pun intended) for navigating high-stakes conversations. As part of my ongoing “Book Report” series, let’s dive into the valuable lessons this…

Introduction As a security engineering leader with over twenty years of experience in the IT and security space, I’ve encountered numerous challenges in managing teams. From building corporate security and detection programs to leading Security Operations Centers, I’ve seen a fair share of dysfunction in teams. It’s important to acknowledge that team dysfunctions aren’t exclusive to a particular industry. Regardless of the sector, the problems of trust, fear…

In the 1995 movie “Hackers”, young cyber rebels, portrayed by actors such as Jonny Lee Miller and Angelina Jolie, infiltrate computer systems, outsmart corporate security, and ultimately save the day. The movie, while dated in terms of technology, surprisingly remains relevant when it comes to its depiction of cybersecurity threats. In fact, it seems that despite the massive technological advancements we’ve seen in the past 30 years, many…

In the realm of Information Technology, few books have made as profound an impact as Gene Kim’s “The Phoenix Project.” (Book Link) This novel, draped in the garb of a corporate thriller, introduces us to an IT manager, Bill, who is thrust into the chaotic world of a project – code-named Phoenix – on the brink of disaster. As the book unfolds, Bill battles not only the looming…

Running a Cyber Security program for your organization is leadership, and often it’s leading without authority.  For your program to run effectively it must: Lead without imposing: Your users should feel like they’re making security decisions because they make sense, not simply because they’ve been mandated to do such, this is especially necessary when you’re leading without authority. When they do need to make a decision that impact their…