//Writing

Field notes.

Direct takes on cybersecurity, AI, and technology leadership. No jargon soup, no em dashes.

Most AI governance fails in one of two ways: it bans everything, or it governs nothing. There is a better middle.

The middle of an attack is the worst possible time to be making your most important decisions for the first time.

The instinct in a new security role is to act fast. The better instinct is to understand first.

Your security is now the average of every vendor you trust, and most companies have no idea what that average is.

If a director leaves your update unsure what to do next, the problem is the presentation, not the director.

The next great technology leaders will not be the best engineers. They will be the best connectors.

Healthcare AI has enormous promise. Promise is not a deployment plan.

Trust in AI will not come from a values statement. It comes from how you operate when something goes wrong.

Each title taught me the same lesson from a different angle: technology is never just technology.

I get asked the short version a lot, so here it is, along with the part that actually explains the work.

Twenty-five years in, the lessons that stuck are not the technical ones.

A board meeting is not a place to prove how much you know. It is a place to help people decide.

It is almost never the tools. It is the agreement underneath them.

We teach kids to look both ways before crossing the street. We barely teach them anything about the street they actually live on.

Every new digital world arrives selling wonder and quietly shipping new ways to be harmed.