Cybersecurity Policy

I speak and write about information security topics, with an emphasis on cryptography and distributed denial-of-service (DDoS) attacks. I've written for DarkReading, SC Magazine, and Network World. But most people know me from my monthly column at SecurityWeek.

Click the selectors in the Content pane to filter the content.


Sept. 27, 2018 tags:  infosec policy

Data Privacy and the 2018 Philippine Identification System Act

Here's an essay I wrote about what I think are the data privacy concerns around the Philippine National ID system (PhilSys). Having a national identification system is a good thing; this essay contains my advice to the implementors of PhilSys, so that they can most properly secure their citizen's data.


Aug. 21, 2018 tags:  in-the-news infosec policy

National ID Systems and Data Privacy

After receiving some media inquiries around the Philippines national ID system, I put together an essay, with the help of my indispensible personal assistant in the islands, on data privacy and the Philippine National ID system (PhilSys). Back End Systems quoted me from the essay in this article. See F5 Labs for the main essay.


March 22, 2018 tags:  infosec security-week policy

5 Fun Facts about the Singapore Cybersecurity Statute

Someone asked me what I thought about the recently passed Singapore Cybersecurity Statute. So I did some research and turned it into an article for SecurityWeek.