GRC Engineering is Just... Engineering
FedRAMP 20x isn't an overhaul of compliance. It is an extension of engineering best practices into compliance. In other words, compliance is now a function of Site Reliability Engineering.
// Welcome to my digital space
const mission = {
focus: ["cybersecurity", "compliance_automation", "philosophy"],
perspective: "military + industry + government + curious people"
};
const mission = {
focus: ["cybersecurity", "compliance_automation", "philosophy"],
perspective: "military + industry + government + curious people"
};
Welcome to my website, where I write about cybersecurity, compliance automation, policy-as-code, and philosophy. I share practical insights and personal observations that I've picked up over the years, based on my unique perspective that draws from military, industry, government, and personal experience.
Recent Articles
Meditation on Writing
Attempting to capture what writing really means to me.
Converging on Trust: How The Engagement Model Diverges
Systems that optimize on engagement diverge against trust. Exploring the security risks of engagement-optimization in generative AI platforms used by government.
Published Works
American Values
2023
Join me on a journey across America, from eastern cities to western deserts, as I search for what's really valuable.
Dancing With My Fate
2021
An open-minded exploration of reality using Occam's razor and the scientific method.