Conference auditorium background

Event Calendar

March 2026
Sun
Mon
Tue
Wed
Thu
Fri
Sat
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
1
2
3
4

Public Appearances

Conference talks, podcast interviews, speaking engagements, and media features

Upcoming Appearances

Where you can catch me next

No upcoming appearances scheduled. Check back soon!

Speaking Engagements

Conference talks, workshops, and presentations

Apr
28
2025

NADITA Annual Convention

AI-Powered Payload Generation: Enhancing CTEM for Enterprise Security

Exclusive Industry Conference
April 28-May 1, 2025
Orlando, FL

Caterpillar Dealer IT Leaders Conference

Presented at the exclusive North American Dealer Information Technology Association (NADITA) Conference for Caterpillar dealer IT leaders, focusing on leveraging AI-powered payload generation to enhance Continuous Threat Exposure Management (CTEM) strategies in enterprise environments.

Podcast Appearances

Interviews and conversations on podcasts

Podcast
March 2026

AI Killed the CTF Star

Simply Offensive (Suzu Labs)

Phillip Wylie and I discuss the integration of AI in Capture The Flag competitions and its implications for cybersecurity. I share experiences with AI in penetration testing, how it enhances efficiency and changes the competitive landscape, the future of certifications, and the ethical considerations surrounding AI in cybersecurity.

Watch on YouTube
Video Interview
2024

Breaking Into Cybersecurity

YouTube

An interview where I discuss my journey into cybersecurity, career advice for aspiring security professionals, and lessons learned breaking into the industry.

Watch on YouTube

Media Quotations

Articles and publications where I have been quoted as an expert

From AI Hype to AI Risk: Cybersecurity Experts Share 2026 Forecast and Predictions
ClearanceJobsJanuary 2026

From AI Hype to AI Risk: Cybersecurity Experts Share 2026 Forecast and Predictions

2026 will represent a clear shift from AI exploration to sustained operational deployment, particularly around AI agents and agentic systems. Traditional security tools are not designed to govern systems that make autonomous decisions, dynamically chain tools, or operate continuously with evolving context.

Read Full Article
Hackers Claim to Disconnect Brightspeed Customers After Breach
Infosecurity MagazineJanuary 2026

Hackers Claim to Disconnect Brightspeed Customers After Breach

Because ISPs serve millions of people and underpin critical communications, security failures carry societal and national security implications, not just technical ones. Disruption or abuse of these networks can affect public trust, service continuity and the broader information environment.

Read Full Article
Why Government Is Rethinking Cybersecurity as a System, Not a Silo
Security BuzzJanuary 2026

Why Government Is Rethinking Cybersecurity as a System, Not a Silo

The plan being proposed is timely given today's cyber threat landscape. Heightening geopolitical tensions worldwide, combined with the rapid advancement of artificial intelligence, are materially changing both the volume and sophistication of cyber attacks.

Read Full Article
UK Invests £210M on Action Plan to Strengthen Public Sector Cybersecurity & Software Supply Chain
The IT NerdJanuary 2026

UK Invests £210M on Action Plan to Strengthen Public Sector Cybersecurity & Software Supply Chain

The line between the public and private sectors is also increasingly thin. Essential public services depend heavily on privately operated companies, meaning failures in one domain quickly affect the other. Treating private sector cybersecurity as a national security concern is therefore both forward-thinking and prudent.

Read Full Article
Data Breach on Broadband Provider Brightspeed Exposes 1M+ Customers, Hackers Threaten to Cut Home Internet
CPO MagazineJanuary 2026

Data Breach on Broadband Provider Brightspeed Exposes 1M+ Customers, Hackers Threaten to Cut Home Internet

When a telecommunications provider experiences a potential breach, the impact reaches well beyond the company itself. Internet service providers support everyday communication and commerce, and access to their systems can expose customer information at a significant scale.

Read Full Article
UAT-10027 Targets US Education, Healthcare Sectors via DOH Technique
SC MediaFebruary 2026

UAT-10027 Targets US Education, Healthcare Sectors via DOH Technique

Dohdoor exploits a gap that sits directly between two categories of security tooling: DNS monitoring tools are watching traffic on port 53. They are not inspecting HTTPS. Next generation firewalls and deep packet inspection tools are watching web traffic and encrypted sessions. They are not looking for DNS queries embedded inside that HTTPS. Neither set of tools is broken. The problem is that Dohdoor was built to live in the blind spot between them.

Read Full Article
North Korea's Lazarus Group Targets US, Middle East Healthcare Sectors
SC MediaFebruary 2026

North Korea's Lazarus Group Targets US, Middle East Healthcare Sectors

The Lazarus Group's use of Medusa ransomware represents a clear signal that nation-state backed cybercrime has fully industrialized. State actors are no longer building every tool from scratch. They are acquiring capabilities off-the-shelf, the same way any business scales operations. Defenders have to plan for adversaries that can scale faster than traditional security programs can.

Read Full Article