CISO stands for Chief Information Security Officer. The job description, if anyone wrote it honestly, would read something like: worry professionally, deliver bad news to executives who don't want to hear it, defend a budget for things you hope never happen, and explain to your family that no, you still can't fix their computer.

I've been working in technology since the late 90s, starting with internet infrastructure during the dot-com era and eventually finding my way into security leadership at a large financial institution. Spending fifteen years on the technology side before moving into security gave me a different perspective than most CISOs have, and that shows up in how I think about risk, leadership, and the work I write about here.

What I Write About

This site is where I share what I've learned. Most of it comes back to a handful of things I believe: security exists to serve the business, not itself. Frameworks are tools, not answers. Compliance is the floor, not the ceiling. And the people making decisions about risk are usually smarter than the way we communicate risk to them.

Not everything I write will be conventional, but it comes from owning the outcomes.

See what I've been writing →

The Personal Side

My wife and I have two kids who are growing up way too fast. We're die-hard Liverpool FC supporters, through the good seasons and the ones we'd rather forget. "Six Times Champions of Europe!" Some clubs are still waiting on their first. Arsenal, we're looking at you. YNWA.

My son and I were lucky enough to be at Anfield on May 25, 2025 to watch Liverpool lift their 20th Premier League trophy and march through the city for the champions parade.

I learned the basics of sailing in 2019 after we took a day charter on a Caribbean vacation and I was hooked. In 2020, as lockdown set in, I bought my first sailboat and named her Good Juju after our daughter. She carried us to Pensacola, Key West, and even into the Atlantic to Charleston. I raced the Harvest Moon Regatta four years straight, a 140-mile offshore race from Galveston to Port Aransas, and eventually brought home a 2nd place finish and a manufacturer's cup for first of brand across the line. She's sailing under new colors now, but the Atlantic crossing is still on the list.

Say Hello

I'm always up for a conversation about security leadership, technology, or what it's like to sail offshore for a week at a time.