This is the third edition of my Infosec Buzzword Bingo, just in time for 2019’s RSA Conference (RSAC). Rather than relying on my keenly tuned snake oil spidey senses to generate the words populating the bingo card, I took a more data-driven approach this year. I surveyed 100 companies’ websites*…

This year’s nominees for the 2019 edition of the RSA Conference’s Innovation Sandbox were announced this morning. As I’m wont to do, I wanted to explore the funding side of these ten startups.

Communicating the Dynamics of Information Security Risk Management — People struggle to understand how risk accumulates in complex systems, thereby also not understanding the extent to which risk must be reduced. …

My perennial New Year’s resolution is to read one fiction and one non-fiction book per month. I tend to fail, and this year I only averaged 1.33 books per month (which, interestingly, is the same as last year; 2016 was 1.5 per month). As you can tell from this list…

Fed up with ridiculous infosec predictions for the upcoming year, I decided to aggregate them all and use the power of Markov Chains to generate my own list. What follows is the result, very lightly edited solely for readability. You can see last year’s edition here. In 2019, we predict…

I looked at the vendors to see which VCs are funding them & glean other insights — What type of vendors are showing themselves off in the Business Hall? Are they mostly startups?

What follows is the full text of my keynote , also available as a video and as slides. There has been insufficient exploration of the first principles of resilience in the context of information security, despite the term being superficially peppered in our common discourse. …

Originally given as the keynote at BSides Knoxville. Security is a product, but we treat it like a sacred, immutable grail to preserve, unblemished by the sublunary needs of users. And yet, we wonder why defense remains stagnant, why we fail so consistently in progressing towards the glorious ideal of…

Fed up with ridiculous infosec predictions for the upcoming year, I decided to aggregate them all and use the power of Markov Chains to generate my own list. What follows is the result, lightly edited solely for readability. I hope to be pioneering the next-gen AI-powered thought leadering market segment. …