INSIGHTS
Field notes from the work.
Practitioner-written analysis on incident response, CMMC compliance, cloud security, and the cybersecurity decisions facing US organizations.
2026.05.14
ADVISORY
6 min
What a vCISO actually does in the first 90 days
The job description rarely matches the actual work. The first three months of a fractional CISO engagement are less about strategy decks and more about answering the questions leadership did not realize they had.
Read
2026.05.07
CLOUD
6 min
Microsoft 365 hardening: five settings most SMBs miss
Most business breaches we investigate begin with identity, email, or Microsoft 365 configuration gaps. These are five settings that close common exposure paths.
Read
2026.04.30
IR
5 min
What an IR retainer actually buys you at 2 AM
Most retainer agreements look the same on paper. The differences only show up when the phone rings outside business hours.
Read