What Eight PCI Audits Taught Me About Real Security vs. Checkbox Security
TL;DR I led cybersecurity at a major national retailer for twenty years. Once PCI DSS applied, we passed every audit we faced. Now I ghostwrite books for the security leaders
Before I was a ghostwriter, I spent two decades running technology infrastructure and security for a major national retailer, plus years before that on SCADA systems, fraud detection, and the first disk defragmenter ever built. This series is what I learned in the server room. Real talk on cybersecurity, digital transformation, and the metaverse, from someone who did the work, not someone who read about it.
TL;DR I wrote the security policies and procedures for a company against NIST CSF and NIST 800-53, and these days I ghostwrite books for the security leaders who live this
TL;DR I was never a CISO by title. My networking partner and I were both directors, and since our boss was not security savvy, the two of us functioned as
TL;DR Most security tools are theater. I sat through endless vendor pitches for products with huge dashboards full of blinking widgets that looked impressive and did almost nothing. Security is
TL;DR The human layer is the biggest security weakness, and the one people are least ready for, because they do not expect other people to be malicious. They do not
TL;DR Security is mostly boring work nobody wants to do. Patching, access reviews, and backups. I ran enterprise security for two decades, and the one time everything went wrong, it
TL;DR Attackers do not usually come through your firewall. If they do, you were sloppy, because firewalls and pen testing are the easy part. The real ways in are social
TL;DR Most digital transformation advice assumes a tech company. I ran it for a retailer, a company whose actual business was selling things, not building software. That is different, and
TL;DR I ghostwrote three digital transformation books for executives, and it taught me something running transformations did not. Each executive did it completely differently, at a scale far bigger than
TL;DR Do digital transformation in this order: people, process, technology. People first, always, which means asking what happens to each person. Do they get retrained? Retired? Where do they go?
TL;DR The hardest part of running technology was not the technology. It was that leadership spoke business and I spoke tech, and neither of us understood the other. I did
TL;DR Legacy systems do not die because a strategy wants them gone. I had to keep ancient systems alive for years, including one running on hardware that could no longer
TL;DR Most digital transformations fail for an unglamorous reason: poor testing. Everyone tests whether the system works normally. Almost nobody tests what happens under real load, or what happens when
TL;DR Digital transformation is plumbing. The buzzword makes people picture something exciting, but the real work is infrastructure, done one component at a time. I led enterprise transformations at a
If this series sparked something, let's talk about turning your expertise into a finished book.