Brian speaks at conferences, companies, chapter meetings, and universities, and would be happy to present at your organization too. More details about all Brian's talks are on GitHub.
Selected venues: ISACA, OWASP, BSides Seattle/Portland/Idaho, Oregon Cyber Resilience Summit, Western Oregon University, Technology Association of Oregon, PNSQC, and others.
Waking Up to AI: An Adventure in Governance
A fictional SaaS company's messy, revealing journey through AI risks, missteps, and gradual governance.
Kidnapping a Library: How Ransomware Taught the British Library to Follow Well-Known Best Practices
A cautionary tale about how a ransomware attack crippled a major cultural institution and the measures taken to recover.
Beyond the Hacker Stereotype: Exploring Cybersecurity Careers You Didn't Know Existed
A fast-paced introduction to a variety of cybersecurity roles with different skill requirements to help people identify paths suited to their skills and interests.
What Goes Wrong? Common Security Problems in Web Applications
A developer-focused walkthrough of the OWASP Top Ten Web Security Risks.
Starting to Think Like a Hacker: Some Easy Ways to Break a Website
A security-awareness talk for people who know some HTML but aren't programmers, demonstrating how attackers exploit common web flaws.
Everyday Ethics: Examples for Software Teams
An interactive conversation designed for college students, focusing on real-world examples of business ethics in everyday situations.
Starting a Security Program on a Shoestring
Guidance for small software teams with minimal security expertise and no budget on building security knowledge and processes into their work.
XXE for Dummies (or How to Make an XML Parser Send You Files)
Step-by-step demonstration of exploiting an XML External Entity (XXE) vulnerability, plus defensive measures to prevent it.