Articles & Presentations

---

Maturing one's program vs. the 5 NIST CSF domains - originally presented at RSA Conference, June 2022

A comprehensive (read: long) look at the fundamentals of running a cybersecurity program.  April, 2022.

November, 2021 presentation on getting the most out of tabletop exercises.

Overcoming cybersecurity excuses  - yours and theirs - through better communication and strategy.  Presented at TEISS  London February, 2019

An academic research paper on leadership that seeks to find a more objective understanding of leadership.  This version includes an annotated bibliography with notes to self.

June, 2019 article in Security Current about using a cybersecurity council to kick off ownership of security in the business

Presented at the Texas Department of Information Resources Information Security Forum, April, 2019 (and GDS Security Insight Summit, May, 2019)

February, 2019 presentation on how to leverage the vendor community to improve your security game.  Presented to TEISS, February 2019 and GDS Security Summit, December 2018

A moment to poke fun at our industry.  Pick something from each column to name your startup and pick your mission.  The angel and VC money will no doubt flow in!

January, 2019 Article for HelpNet Security Magazine

September, 2018

Presented at CDM Media Security Summits in Dallas and Toronto, 2018

July, 2018 LinkedIn Article

April, 2018 LinkedIn Article

April, 2018 Article for Dark Reading Magazine

February, 2018 LinkedIn Article

November, 2019 podcast interview about why security must be friendly

July, 2019  live interview about the toughest questions a CISO must ask, and many other topics.

June, 2019 live podcast.  Guest was Dan Lohrmann, and we addressed privacy, and BAD best practices.

May 2019 interview on cloud security.  There is a mis-statement here.  I advocate "back to the basics" at all phases of a security program - not just as a starter.

May, 2019 interview about the business, product & security in the role of the CISO 

April, 2019 Silicon UK interview about the IT & CISO life.  I really am keen on ML and AI once the market consistently produces actual and real examples.  I remain hopeful!

March, 2019 panel interview by Sean Martin along with Sian John and Candy Alexander.

March, 2019 over-the-top deadpan, dry humor and meant for fun only.  It was very hard to keep a straight face.

February, 2019 general interview regarding my career path and different facets of the CISO life over the last year.

January, 2019 interview covering security fundamentals, collaboration between CISOs, infosec as a campaign and security as compared to IT

November, 2018 - I was honored to be chosen as CISO of the week.  I was interviewed on a variety of CISO topics.

November, 2018 - Another great podcast series, and another fun interview.

October, 2018 interview for SC Magazine's "ebook" series.  Apparently I'm more opinionated about first generation SIEMs than I realized...

September, 2018 in-depth interview following up on my  August, 2018 announcement to begin openly embracing the vendor community.

A September, 2018 interview regarding my voluntary experiment to allow vendors into my work life to the tune of 2 hours a week.

August, 2018 interview with one of the most relevant CISO podcasts out there - topics include leveraging compliance for real-world security, and how CISO's discover new solutions and technologies

June, 2018 interview covering blockchain, industry trends and gripes, and security vs. privacy

March, 2018 Video interview about 2018 predictions and CISO trends.  I didn't have my glasses, and am hunched over the screen, squinting.  Good interview despite.