Writing

Notes on OT/ICS security, RF and cyber-physical systems, risk methodology, and security-first AI.

Jun 29, 2026 5 min read Passing CompTIA SecAI+: Notes from the First Cohort CompTIA's AI-security certification launched in February 2026. A practitioner's honest read on what SecAI+ actually tests, where it bites, what it's good for, what it isn't — and why a named credential matters as AI security becomes its own discipline. May 26, 2026 6 min read Scaling Agentic AI Responsibly: Safeguards, Identity, and Governance One agent is a pilot; a hundred is an operating model. How to scale agentic AI without losing control — the autonomy dial, four safeguard layers, portfolio-scale lines of defense, non-human identity, and governance as a competitive differentiator. May 19, 2026 8 min read Implementing Agentic AI in the Enterprise: A Builder's Playbook Most agentic AI pilots stall on the implementation decisions around the model, not the model itself. A practical playbook for enterprise leaders — the five building blocks of an agent, build vs. buy vs. stack, human-in-the-loop thresholds, a three-week MVP, the new agent-manager role, and the AgentOps discipline that keeps it honest. May 12, 2026 5 min read Agentic AI in the Enterprise: Choosing Where to Start Before you build an agent, you need a position — what agentic AI actually is, where your organization really sits on the AI curve, and which workflow will teach you the most. A strategy-first guide to choosing where to start. Feb 27, 2026 5 min read Cleartext at 915 MHz: What 200 Million Devices Are Broadcasting in the Open You don't always have to break in — many systems just broadcast. With a $60 radio and open-source tools, a passive listener can pull plaintext telemetry from utility meters, vehicles, and sensors across the 902–928 MHz band, touching 10 of 16 critical-infrastructure sectors. A field-grounded look at a systemic cleartext problem. Sep 30, 2024 6 min read 7 Steps to Building a Robust Cyber Risk Program for Third-Party Logistics A practical blueprint for 3PL providers: seven steps to build a cyber risk program that treats security as a business strategy — from risk assessment and governance to vendor management, monitoring, incident response, compliance, and culture. May 29, 2024 4 min read Nature's Blueprint: Transforming Cybersecurity with Biomimicry What if our cyber defenses worked like nature's? Exploring biomimicry in cybersecurity — immune-system-inspired anomaly detection, swarm intelligence for distributed threat detection, and camouflage and deception — for defenses that are adaptive, resilient, and sustainable. Oct 12, 2021 6 min read A Practical Guide to Protecting Yourself in the Digital Age Cybercrime jumped 600% during the pandemic. An approachable guide to protecting your security and privacy online — the threats, the common attack types, and concrete habits anyone can adopt: strong passwords, MFA, link hygiene, public-WiFi caution, and updates.