Imagine you’ve bought a vehicle with an Alexa skill. It’s literally the bleak mid-winter and you’ve decided that this skill is essential to your personal well-being because it allows you to start your vehicle without experiencing that first morning chill as you breath in freezing air.

Flash forward five years…


This morning, after reading this article (https://www.zdnet.com/article/us-blames-iran-for-spoofed-proud-boys-emails-threatening-democrat-voters/), I found myself thinking about Michael Pitre’s 2014 novel “Fives and Twenty-fives”. …


A few weeks ago I had hernia surgery (I can’t violate my own HIPAA rights, right?). The surgery was performed by the New Orleans VA medical center and I couldn’t have been happier with the whole thing from appointment making to diagnosis to the actual surgery. …


Orchid colored phish

Swims past coral reef firewall

Maims ecosystem

Most hacks start with a phish because e-mail security is porous and constantly evolving. Every few weeks our email provider changes their management and security dashboard just enough that our team needs to launch an investigation to find previously available…


Sheep dog, over watch, scout

Blue teams defend family

Teammates, friends, shared goals

Those of the cyber community who play an active role in defense of our communities have many images ascribed to them. Perhaps my favorite is that of the sheepdog. Every day I pass two diligent sheep dogs…


Firewall, port blocked! Crap!

Search for back door, probe weakness

Found one. Problem solved

Regardless the imagery we superimpose on cyber criminals, at their core they too come to work to solve problems. Unfortunately our understanding of the distinction between hackers and cyber criminals really needs to be more fully…


Cryptocurrency

Blockchain, bad software, few rules

Swiss banks, fiats, still lead

The hype around blockchain and cryptocurrency seems to have been somewhat tempered by the realization that bad practices in system development still lead to ingress points for criminals to exploit for malevolent gain. …


OWASP, COBIT, NIST

HIPAA, HITRUST, SOX…Controls

Are only the start

Compliance and security are certainly partners, but neither is a complete solution unto itself.

The idea that meeting a HIPAA checklist or a HITRUST checklist is even remotely close to security would be comical if it weren’t so tragic. First…


Malware, Trojan, worm

Credential spray, brute force, tor

Tools? Weapons of war?

Most tools, whether we think about it or not, have at least two potential purposes; one legitimate and one not. Most people’s actions can be perceived similarly. …


For every successful intermittent fasting story, there’s an unsuccessful one. We’re not all created equally and I suspect we all respond to various stimuli in just as many different ways. My journey was one of sacrifice and discipline. …

John Keenan

22 years Marine cyber/cryptolinguist. Now corporate CISO and documenting it. I cycle, CrossFit, travel and write. #cisolife, #amwriting.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store