Hi, I’m Tony.

I’m here to make cybersecurity less about fear and more about rational decision-making.

That starts with risk, economics, and cutting through the noise.

I’m less interested in frameworks and more interested in outcomes. Less “best practice,” more actual practice. I believe security should be measurable, risk should inform decisions, and that compliance theater is wasting everyone’s time.

I cover topics like quantitative risk, security economics, and the psychology of bad choices — because behind every breach is a human, a budget, and a spreadsheet that no one believed.


Latest Essays