Research

Articles & Guides

Privacy engineering · OSINT defense · Practical security

What a Field CISO Actually Is

Field CISO roles have multiplied across the industry, and the understanding of what the job involves has lagged well behind the hiring. After four and a half years in the role, here is what it is, what it demands, and how to tell a peer from a sales meeting.

Whatsapp vs Signal

Both apps use the same encryption protocol, but only one is owned by a company fined billions for privacy violations. Here's why I have only ever used Signal.

The Space Between - Why 68% of Breaches Exploit Spaces We Never Defend

Discover how the Japanese concept of ma (間) reveals why 68% of cyberattacks succeed in the space between our security controls.

Ghost In The Source (CTF)

Capture-the-flag (CTF) challenge for podcast listeners. Now closed: three winners took home 6-month TryHackMe vouchers.

Demystifying Shamir’s Secret Sharing

Ten Things CISOs Could Do Better

Ten Things 'Some' CISOs Get Wrong, and Could Do Better

Self Hosting Nextcloud for Privacy, the Right Way

If you are still using cloud services such as Dropbox or Google Drive for file sync, then this one is for you.

Venturing into AI Security with Locally Hosted LLMs

Artificial Intelligence (AI) encompasses machine learning, deep learning, Large Language Models (LLMs), image generation, and even deepfakes.

Using the TOR Browser over VPN

The key point to remember about TOR is that it's a decentralized network, designed to anonymize internet traffic by routing it through multiple nodes.
