Firewalls block packets.Culture blocks complacency. You can deploy every control in the book—MFA, EDR, SIEM, SOAR—but if your people don’t care, don’t ask questions, or don’t feel safe reporting mistakes… you’ve already been breached. Over the years, I’ve learned that the strongest defense isn’t at the perimeter—it’s in the mindset of your team.It’s the engineer […]

Read more "People Over Policies, Pt. 4 — Culture Is Your Strongest Firewall"

I’ve heard it all my life: “Women can’t do that.” “Women aren’t as strong as men.” Or my personal favorite— “That’s a man’s job.” Cringy, I know. I’m not a feminist. I’ve just had the best seat in the house. Growing up as the youngest of three, I had a front-row view. My older sister […]

Read more "How Women Might Actually Rule the World"

People Over Policies, Pt. 3 — The First 24 Hours of an Incident Response No policy survives first contact with an incident. When a breach, outage, or ransomware alert hits, every second counts—and every assumption gets tested.The playbooks are important, but what really matters in those first 24 hours isn’t the policy binder.It’s the people […]

Read more "People Over Policies, Pt. 3 — The First 24 Hours of an Incident Response"

The Air-gap Network That Saved Us How a 2014 Compliance Requirement Became Our 2018 Ransomware Recovery Plan In cybersecurity, you don’t always build systems for the problems you expect.Sometimes, the thing that saves you was never meant to exist for that reason at all.That’s exactly what happened to us. 2014 — A Contract, a Quake, […]

Read more "How Network Isolation Saved Us: How a 2014 Compliance Requirement Became Our 2018 Ransomware Recovery Plan"

People Over Policies, Pt. 2 — From Compliance to Culture After my last post, two brilliant leaders — @Darius Jasiulionis and @Gurpreet Singh — reminded me why frameworks matter only if people live them. Darius said it best: “ISO 27001 was never meant to be just documentation, but a culture of accountability and continuous improvement.”And […]

Read more "People Over Policies, Pt. 2 — From Compliance to Culture"

💥 That One Time I Ran an AI/ML GPU Farm in My House April 2022.We were in the middle of a massive network latency and SQL optimization phase at Select Data. Our Data Science MicroK8s cluster (2 x Dell PowerEdge R740s with 2TB of RAM and 4 x Nvidia Tesla V100s) was acting up — […]

Read more "The Time I Turned My Ethereum Rig Into an AI Cluster (And Legal Paid the Bill)"

That One Time I Was a One-Person Cybersecurity Department I saw this post from Kaaviya Balaji saying: “If you’re looking for someone who knows SIEM, SOAR, EDR, XDR, IAM, MFA, SSO, Cloud (AWS, Azure, GCP), Firewalls, Compliance (ISO, NIST, GDPR, PCI-DSS), Incident Response, Threat Intel, and more…That’s not a Cybersecurity Analyst.That’s an entire Cybersecurity Department.” […]

Read more "That One Time I Was a One-Person Cybersecurity Department"

Literally the day after we migrated our Production workloads into Azure, I woke up in a panic. We hadn’t even been 24 hours in the cloud when I opened my email to find what every Cybersecurity engineer dreads: 2,181,699 brute-force attempts. Luckily, we survived. But it lit a fire under us to accelerate our Zero […]

Read more "That One Time Stark Industries Came After Us"

Cybersecurity & Operations Excellence. In cybersecurity, numbers tell stories — but not the whole story.The summer we dropped our Arctic Wolf Managed Risk Score from 7.9 to 5.7 and raised our Coverage Score from 70% to 100% wasn’t just about metrics. It was about culture, consistency, and the quiet discipline of doing the hard things […]

Read more "Closing the Gaps: How We Reduced Our Managed Risk Score from 7.9 to 5.7 and Reached 100% Coverage"