Notes on security, risk, and decision-making to promote a stronger, more informed security community.
Field Notes is a collection of short essays on cybersecurity, risk, and decision-making to promote a stronger, more informed security community.
These notes come from more than two decades of working in IT and security, teaching, mentoring, and learning from real failures. They focus less on tools and more on how people think about security, how risk is misunderstood, and why many well-intentioned efforts fall short.
This writing is intentionally practical and accessible. There are no vendor pitches, no gated content, and no proprietary examples. The goal is to share knowledge that helps people make better security decisions in the real world.