Privacy PC

Security in mobile development is not just about encryption or penetration testing. It requires embedding compliance, secure API practices, and dependency scrutiny into every sprint. Read my new article to learn more. https://t.co/Ab8ueCkOcF

The recent Foxconn incident demonstrated how supply chain compromises combine data theft with operational disruption. My new column on SC Media focuses on countermeasures for this style of attack. https://t.co/71MBnTBEnN

Frontier AI models offer extraordinary capabilities but cost 10–30 times more per token and introduce latency. Smaller models, paired with strong prompt engineering, often outperform them for focused, high‑volume applications. Read more in my new article: https://t.co/D7CcatZKX2

CISOs often confuse visibility with progress, leaving exposures unmanaged between scans. That being said, CTEM only becomes operational when it integrates into ticketing, CI/CD, and incident workflows. https://t.co/qqasu3S1Na

My new column on SC Media looks at how teams should respond to the Claude Mythos momentum so cybercriminals don't get the upper hand. https://t.co/6HNa1sxC6F

With virtual desktop set-ups maintaining popularity among organizations, I compiled the ways to protect such ecosystems in 2026, and likely beyond: https://t.co/qrcHvC26Zd

SC Media just posted by new column about a promising approach to securing emissions telemetry data in manufacturing execution systems (MES). https://t.co/NVXCc98pm7

Prompt injection exploits scarce separation between instructions and data in LLMs, and input filtering can't fully solve it. To address this, regulated industries are increasingly applying defense‑in‑depth principles to AI pipelines. https://t.co/hAxcjCQ7cR

The rise of synthetic identity fraud, fueled by deepfake technology, is undermining traditional security checks. My latest article on SecureWorld highlights layered defenses and modern verification strategies to counter these evolving threats. https://t.co/tRsdHBtWp1

The piece discusses how AI’s ability to surface vast amounts of potential cyber threats creates a paradox - greater visibility but less clarity of what are real dangers and false positives. Read more if this topic piques your interest. https://t.co/PEgjRQMQOl

It seems malicious actors are cashing in on hyper-volumetric DDoS attacks that have seen a significant growth since late 2025 and continuing in early 2026. My new column on SC Media explains how orgs can stay safe from this incursion vector. https://t.co/KpK85olBFc

CSA just posted my new blog that shines a light on the role of micro-segmentation for achieving the efficiency and zero trust based security of physical hosts in large networks. Read this to learn more. https://t.co/PZb9Ebjy2O

When it comes to migrating an enterprise infrastructure to the cloud, the shared responsibility model is often the elephant in the room. My new column on SC Media explains why, and how to provide proper cloud security. https://t.co/kmOtATbCAd

Disaster recovery often implies a systems rollback to an earlier state, but doing so can open old security loopholes. My new column on SC Media explains what these pitfalls are, and how to steer clear of them. https://t.co/JqKuYzj1Rw

My latest article on CSA Blog looks at how three popular BYOD security deployments (VDI, DaaS, Local Secure Enclaves) perform in terms of the Cloud Controls Matrix (CCM) playbook to mitigate risks tied to data leakage, endpoint compromise, and compliance. https://t.co/2Tx91IZrLe

AI can be a double-edged sword when it comes to IoT security, as it can help strenghthen the defenses, and on the other hand, become a tool in attackers' hands. Read my new article on the amazing SecureWorld News to learn more. https://t.co/miJGDUnq6S

My new column on SC Media focuses on what adversarial OSINT on C-suite executives looks like, the potential consequences for the organization, and guardrails against this style of attack. https://t.co/0novSdCGJH

Virtual Desktop Infrastructure (VDI) is the average org's go-to choice for managing BYOD workers and contractors. My new article on Tripwire explores this set-up's vulnerabilities and explains how to minimize associated risk. https://t.co/UWeTVuId6g

At some point, every crypto investor faces a dilemma: whether to maintain complete control of their assets and private keys, or to use third-party storage for that. My new article goes over the pros and cons of both tactics. https://t.co/6Pfovk8xbe