Cybersecurity GRC specialist focused on building sustainable, high-trust security programs that protect business-critical functions and drive growth.
A monument to mercy & Father.
Interests/Hobbies: Disaster Relief Volunteer, Weather Geek, Kayaking. {Views are my own}
Hashtags: #lrtweetup #sectwits #GRC #arkansas #arwx
| Links: | https://tsudo.carrd.co/ |
| Location: | Southern U.S. 🇺🇸 |
| Homepage: | https://forwardslashsecurity.com |
The most important & disturbing talk I’ll hear this week.
We as an industry/community have to reckon with sexual predators & extortionists that are drawn to cybersecurity.
Excellent talk stating the significant problem.
Find this video later.
See his slides and more links in speaker notes
At a #BSidesLV talk on non-human identity, referenced GitGuardian’s State of Secrets Sprawl 2025 Report:
🔐 23.8M secrets leaked on GitHub in 2024 (+25%)
🤖 Most are tied to non-human IDs—API keys, service accts
📉 70% of 2022 secrets still active
https://blog.gitguardian.com/the-state-of-secrets-sprawl-2025/
credit: @mcdwayne
Let me know if you want it trimmed even further for character count or tone.
@Viss that’s a whole other discussion.
Compliance when done well is structure and demonstrating trust.
Bad controls however are the root of all evil.
It could be argued that the cybersecurity orgs don’t prioritize thinking.
Just reacting.
Another meeting.
Another Slack thread.
Another alert.
Nearly conditioned to see, react, discuss, then do.
No pause. No reflect. No design.
Make thinking great again.
