Thoughts on Security

Insights from the trenches of cybersecurity.
Architecting security programs, incident response war stories, threat analysis, and lessons learned defending digital frontlines.

2 Articles

5 Categories

Updated Weekly

Featured

📊

GRC

2026 Industry Report

March 5, 2026 • 12 min read

The GRC Analyst in 2026: Four Trends Reshaping the Role

An in-depth analysis of how AI governance, continuous compliance, third-party risk management, and cloud control mapping are transforming the GRC profession. With market projections, skill frameworks, and strategic positioning advice.

AI Governance ISO 42001 SOC 2 TPRM

All Posts

March 3, 2026 • 15 min

Building ResolvX: A Complete GRC Program for a Fictional Fintech

A comprehensive walkthrough of building a production-grade GRC program from scratch — ISO 27001 alignment, SOC 2 readiness, risk assessment, TPRM, and a live Trust Center.

ISO 27001 SOC 2 Trust Center

✍️

Coming Soon

Stay Updated

Get notified when I publish new articles on GRC, threat intelligence, incident response, and security operations.

No spam, unsubscribe anytime.

Thoughts on Security

The GRC Analyst in 2026: Four Trends Reshaping the Role

Building ResolvX: A Complete GRC Program for a Fictional Fintech

More articles in progress...

Stay Updated