A smiling man with gray hair signing a book at a convention or event, seated at a table with a white surface.

Hello World!

I’m the CEO and co-founder of the Cybercanon Project, an all-volunteer nonprofit seeking to be the Infosec Community’s first source for curated and timeless cybersecurity wisdom.

Over a 30-year career, I have served in senior leadership roles across government, industry, and media.

Chief Security Officer and podcast host at The CyberWire (a cybersecurity podcasting network), CSO at Palo Alto Networks (a security vendor)
CISO at TASC (a U.S. Government Contractor)
General Manager of iDefense at VeriSign (a commercial cyber intelligence service.
Global SOC Director at Counterpane (one of the original managed security service providers)
Chief of the U.S. Army’s Computer Emergency Response Team, where I coordinated network defense, intelligence, and attack operations for the Army’s global network.
One of the Founding organizers of the Cyber Threat Alliance (an ISAC for security vendors)
I currently advise
Tidal Cyber (a startup that operationalizes the MITRE ATT&CK framework)
The Center for Internet Security (a nonprofit known for setting cyber benchmarks)
Resilience (a security vendor that forecasts risk using insurance data).

I hold a Master of Computer Science from the Naval Postgraduate School and an engineering degree from the U.S. Military Academy. I taught computer science at West Point from 1993 to 1999 and currently serve as a seminar instructor in Carnegie Mellon University’s CISO Executive Program, where I teach a biannual module on Cybersecurity First Principles.

I have authored one book on cybersecurity and served as executive editor on two others.

The Infosec Leader’s Absolute Cybersecurity First Principle

Reduce the probability of material impact due to a cyber event within the next three years.