Talks

Brian has presented at BSides in San Francisco, Seattle, Portland, and Idaho Falls; Oregon Cyber Resilience Summit; ISACA Portland Chapter; OWASP Portland Chapter; Western Oregon University; Technology Association of Oregon; PNSQC; and others.

Kidnapping a Library: How Ransomware Taught the British Library to Follow Well-Known Best Practices

A cautionary tale about how a ransomware attack crippled a major cultural institution and the measures taken to recover. [details] [slides] [video 2024] [video 2025]

Waking Up to AI: An Adventure in Governance

A fictional SaaS company's messy, revealing journey through AI risks, missteps, and gradual governance. [details] [slides]

A Minimum Viable Security Program: The Critical Early Steps

Shows how startups can apply lightweight, risk-based practices to achieve real security long before pursuing compliance. [details] [slides] [examples] [video]

Beyond the Hacker Stereotype: Exploring Cybersecurity Careers You Didn't Know Existed

A fast-paced introduction to a variety of cybersecurity roles with different skill requirements to help people identify paths suited to their skills and interests. [details] [slides] [video]

What Goes Wrong? Common Security Problems in Web Applications

A developer-focused walkthrough of the OWASP Top Ten Web Security Risks. [details] [slides]

Starting to Think Like a Hacker: Some Easy Ways to Break a Website

A security-awareness talk for people who know some HTML but aren't programmers, demonstrating how attackers exploit common web flaws. [details] [slides]

Everyday Ethics: Examples for Software Teams

An interactive conversation designed for college students, focusing on real-world examples of business ethics in everyday situations. [details] [slides]

Starting a Security Program on a Shoestring

Guidance for small software teams with minimal security expertise and no budget on building security knowledge and processes into their work. [details] [slides]

XXE for Dummies (or How to Make an XML Parser Send You Files)

Step-by-step demonstration of exploiting an XML External Entity (XXE) vulnerability, plus defensive measures to prevent it. [details] [slides] [video]