GRC Engineering is Just... Engineering
FedRAMP 20x isn't an overhaul of compliance. It is an extension of engineering best practices into compliance. In other words, compliance is now a function of Site Reliability Engineering.
Welcome to my website, where I write about cybersecurity, compliance automation, policy-as-code, and philosophy. I share practical insights and personal observations that I've picked up over the years, based on my unique perspective that draws from military, industry, government, and personal experience.
Attempting to capture what writing really means to me.
The mathematics of thresholds maps directly onto cybersecurity. Dynamical systems theory provides the vocabulary to describe how security operations actually works, and how to measure whether it’s working.
2023
Join me on a journey across America, from eastern cities to western deserts, as I search for what's really valuable.
2021
An open-minded exploration of reality using Occam's razor and the scientific method.