About The Blogger

Real World Cyber Security

I have been working in cybersecurity since before most people in the industry were even conceived. I know where the skeletons are buried and how to find them. My experience is a split between systems engineering on very large development efforts and cybersecurity. However, for the past two decades, it has been almost entirely focused on cybersecurity.

My forte is building, mentoring, and managing world-class information security teams, and architecting all aspects of security for complex mission-critical and safety-critical systems. I excel at creating cost-effective security solutions for organizations and products that provide risk-based security that emphasizes the human factors of security. I have in-depth experience with nearly all aspects of security and regularly work with all levels of an organization from C-level executives on down, and with technical and non-technical audiences, as well as customers, vendors, and regulatory agencies.

I have deep expertise and extensive experience in embedded systems product development and product development security, including: hardware security; secure boot, software and firmware security; network and protocol security; operating systems hardening; user interaction and user experience security; industrial design security; data protection and data privacy; cryptographic security; secure software development practices; security test and evaluation; government product security certifications and validation; intellectual property protection; import/export compliance; product liability; supply chain integrity; security in mergers and acquisitions; and corporate security governance. I also have strong expertise in security operations and incident response. In addition, I have managed large internationally-distributed security and development teams as well.

My range of experience encompasses the technical, management, and corporate governance aspects of cybersecurity and information security. I have worked in a variety of industries, including: aerospace and defense, banking and financial services, health care, consulting, communications and collaboration, network and data center infrastructure, critical infrastructure protection, general business, information services, entertainment/media, process and discrete-parts manufacturing, transportation, utilities, and the wholesale, distribution, retail, and point-of-sales supply chain.

I am always open to contract opportunities, and under the right circumstances, would consider a permanent position as well. Except for now and our current problems with Covid19, near-continuous travel is not an issue, nor is most international travel.

You can contact me by email at: (name of this blog as one word) (at) (protonmail) (dot) (top-level domain code for Switzerland).

Thanks for reading!