I have flown many times in my life, but I’ve never really known the difference between a Boeing 747, 787, or whatever the numbers are. It’s not that I’m not interested in planes. I still look up in the sky when I see one flying overhead and ask myself where it’s coming from and going … Continue reading Your engine doesn’t matter →

I saw an article on The Register today entitled, Crypto for cryptographers! Infosec types revolt against use of ancient abbreviation by Bitcoin and NFT devotees. TL;DR the argument is whether or not crypto should mean cryptography or cryptocurrency. Now, I get it, it can be an emotional topic for some - but really? The majority … Continue reading Cybersec’s Messy Messaging →

I’m not a CISO, I never have been and hope I never will be. It seems like a lot of hard work and stress, and if you’re the CISO at a company when you suffer a breach it’s difficult to blame the intern without a mob of security professionals criticising you. But I do observe … Continue reading 5 Tips to be an awesome CISO →

Buy 10,000 trophies from China (max $1 each including shipping)Buy an engraverRegister a fancy domain, like, "WorldsBestSecurity.com"Send emails to companies saying they've "won" an award in some <random category>. For a mere $1000 they can get featured in the WorldsBestSecurity.com listing and receive an engraved trophy.  10,000 * 1000 = 10,000,000  Even with a 50% … Continue reading My Retirement Plan →

If you've been on LinkedIn recently, you've probably seen your feed littered with polling questions. It could be something simple as, "which of these items do you like for breakfast" or something more specific such as, "Zero Trust is good because..." Either way, I have a bit of an issue with how these are framed, … Continue reading Your polls are bad →

There's a concept around finite and infinite games. A finite game is played to win whereas an infinite game is played for the purpose of continuing. I like to think of Monopoly as an infinite game. I've never been able to complete the game, and I've yet to meet anyone that can tell me any … Continue reading The Impending Reality of Virtual Reality →

BSides London is taking place and due to the pandemic and things, I'm not going and it's put me in a contemplative mood about the early days of my career. When I started there were no such things as conferences such as BSides. We only had Infosec Europe and the most we got out of … Continue reading The bad old days →