The SEC should require disclosure of cybersecurity controls

January 17, 2025

8-K filings for material cybersecurity incidents should require disclosure of all cybersecurity controls (software and services) in place when the event occurred.

Discussion: LinkedIn

Twitter Facebook LinkedIn

Introducing Atomic Scorecard: A test tracking tool for ATT&CK + Atomic Red Team

April 18, 2026

Customer discovery questions (or, better alternatives to “What keeps you up at night?”)

April 9, 2026

Whether you’re a founder, in sales, an account manager, or in almost any other customer-facing role, the most valuable thing you can do is ask your customers questions, and learn what their goals, incentives, and measures look like.

Assorted links 2026-03-15

March 15, 2026

Assorted things I’ve read, watched, or listened to:

Assorted links 2026-03-11

March 11, 2026