← Back to Home

Talks & Publications

A collection of public speaking engagements, conference presentations, and professional writing.

Representing Google

Burnout: My Invisible Adversary Video Black Hat EU 2023 Community Talk A personal exploration of the psychological toll of high-stakes incident response and strategies for resilience.
Security Weekly - Incident Command Video Security Weekly Deep dive into formal Incident Command structures and their application in cybersecurity crises.
"Excuse me while I kiss this guy" - What you said isn’t what they heard PDF FIRST Incident Response Forum Bridging the communication gap between technical responders and organizational leadership during an incident.
Behind the Speculative Curtain Video Black Hat USA - Panel on Spectre & Meltdown A high-profile live panel with experts from Google, Microsoft, Red Hat, and CERT-CC discussing the global response to CPU speculative execution vulnerabilities.
CPU Security & Side Channels Audio Google Cloud Podcast (with Paul Turner) A 30-minute technical breakdown of CPU side-channel vulnerabilities and the complexities of hardware-level mitigation.
"You are the Weakest Link - and that’s OK" SANS DFIR Summit Lightning Talk Reframing the "human element" in security: why phishing works and how to build systems that are resilient to human error.
Network Disasters - When the Bits Hit the Fan Video SANS DFIR Summit A unique presentation on network-level incident response, delivered entirely in the form of a Dr. Seuss book.
The Remediation Ballet - Incident Response at Scale PDF SANS Threat Hunting & IR Summit (2016), FIRST Summit (2018) Strategies and frameworks for managing massive-scale remediation efforts across global infrastructure.
Exploitation in Meatspace - Physical Penetration Testing Tips PDF SANS Pen-Test Hackfest 2015 Practical insights into physical security, facility access, and the intersection of digital and physical domains.
Go ahead, run your own mailserver - what, are you chicken? PDF SANS Pen-Test Hackfest 2016 Advocating for the educational and security value of self-hosting critical infrastructure in an era of cloud dominance.
SANS DFIR Summit War-Games 2018, 2019 Summits Co-designer and facilitator of large-scale incident response simulation exercises.
Forensic Lunch w/ David Cowen Video YouTube / Forensic Lunch Discussion on current trends in digital forensics and incident response.

Representing NASA

NASA Nebula - NASA’s secure by default private cloud SANS Cyber Security Innovation Summit (2013) Designing and securing one of the first and most advanced private cloud deployments in the federal government.
NASA and IPOST: Security automation and gamification SANS Cyber Security Innovation Summit (2012) Pioneering work in automated security posture assessment and the use of incentives to improve organizational security.
Cloud Security for Government Video California CIO Information Security Forum (2010) An early look at the security implications and opportunities of cloud adoption for public sector organizations.

Books & Academic Papers

Building Secure & Reliable Systems Book O'Reilly Media - Author of Chapter 17: Crisis Management An industry-defining guide to building and operating secure systems at scale.
Beats & Bytes: Striking the right Chord in Digital Forensics Paper SANS Reading Room (Co-authored with Ryan Pittman and Cindy Murphy) Exploring the intersection of musical theory and digital forensic analysis.

Selected Articles & Blog Posts

Operational Professionalizing vs Proceduralizing A philosophical look at how we train and empower incident responders.
On Burnout in Cybersecurity Further reflections on the chronic stress and mental health challenges in the DFIR community.
You Can't Incident Command an Email Thread Why synchronous communication and clear structure are vital during a crisis.
Proving Negatives How to handle the difficult task of investigating when you are asked to prove "nothing happened."
On Fire Drills and Phishing Tests Comparing physical emergency preparedness to digital security training.

Reception & In the News

The Language of Meltdown and Spectre A review of our blog posts and communication strategy during the Spectre/Meltdown remediation.