This blog has been written with a purpose of sharing the experiences I have had with helping large enterprise customers set up information security programs. It talks about the pains and triumphs, challenges and absurdities of securing our digital assets. I will also talk about my other passions - management and financial analysis especially how they relate to information security.
Why should you spend your time here?
Maybe its because I'm the Director of Business Development & Services Strategy for one of Microsoft's core security teams. What that means is that i'm responsible for leading the consulting business that acts as a bridge for information flow between Microsoft's internal security team and our greater ecosystem. In previous avatars, i've been a security consultant dealing with the complexities of application security, threat modeling and vulnerability research. Maybe because I did graduate work on stopping worms at the Security Lab at UC Davis.
Mostly, I'm hoping that its because this blog will not be a mere collection of trackbacks and links to other content. It will be an analytical view of business problems and creative solutions.