Professionally, I am best known for pioneering the "virtual CISO" (Chief Information Security Officer, an emerging corporate executive role) and subsequently popularizing it. My two published books are "Why CISOs Fail" (2017) and "The Security Hippie" (2022).
With that, my hidden passion in writing is fiction, with numerous short stories, a couple of novellas, and more poems than I can count. I have, on two occasions, gotten cold feet after being offered an opportunity to publish these works: (1) as a collection of poems detailing an Internet love story (back in the 90's); and (2) when I met one of my favorite authors, Orson Scott Card, at a book signing. I brought his (probably) least known books - the "how to write" ones - for him to sign, which made him curious. When he heard my accent, he invited me to send him one of my short stories for possible inclusion in an anthology he was working on, of stories in English by non-native English speakers. Awestruck as I was, I barely managed a thank you before walking out. I then consistently failed to follow up, which introspection has led me to admit was simply the result of preferring the invitation to the - in my mind - inevitable rejection.
Now I have finished writing my first mystery-fantasy novel, and am trying to figure out how to find an agent, with many future rejections to look for!
Why CISOs Fail: The Missing Link in Security Management--and How to Fix It
This book provides insight as to why and how current security management practices fail at their basic foundation, resulting in overall dissatisfaction by practitioners and lack of success in the corporate environment. The author examines the reasons and how to fix them. The resulting improvement is highly beneficial to any corporation that chooses to pursue this approach or strategy and from a bottom-line and business operations perspective, not just in technical operations. This book transforms the understanding of the role of the CISO, the selection process for a CISO, and the financial impact that security plays in any organization.
The Security Hippie2022
Awards and Recognition
- "Why CISOs Fail" - inducted into the Cybersecurity Cannon (a.k.a the Cybercannon Project) in 2021.