Technical and Advisory Services

The ways I can help you

  • Architecture and Design

    Whether your organization relies on cloud providers such as AWS, GCP, or Azure, or you maintain your own data centers, I can guide your team in developing a robust technical architecture to secure your digital assets. From network security and data protection to system design, I'll help craft a customized security infrastructure, fostering a secure environment for your business to thrive.
  • Governance Support

    Bridging technical and business concerns, I'll aid your leadership in making informed cybersecurity decisions, while managing regulatory, compliance, and contractual obligations. I'll align security architecture and operations with your business strategy, ensuring effective information risk management.
  • Incident Response Planning

    Collaborating with your team, I'll craft an incident response plan to ensure swift and effiective responses to cybersecurity threats. I'll align this plan with compliance and regulatory obligations, empowering leadership to handle security incidents. My goal is to bolster your business resilience and prepare for cybersecurity contingencies.
  • Program Development

    As your strategic advisor, I offer tailored Program Development services to optimize and secure your technology infrastructure. With your business needs in mind, I'll create a program integrating cybersecurity, risk management, and technology strategies to streamline operations, fortify defenses, and foster a resilient, growth-oriented business.
  • Risk Assessment and Management

    I'll guide your team through the development of a holistic Risk Management Program for your organization incorporating leading practices from guidance such as the NIST Cybersecurity Framework and the FAIR Risk Model. I will assist in crafting mitigation plans and establishing procedures for continual assessment and response. My ultimate goal is to foster a proactive risk culture, enabling your business to preemptively address threats and maintain its growth trajectory.
  • Secure Code Development

    Do you need help building secure, high-performance applications? I offer Secure Code Development services tailored to your needs. Leveraging my experience with safety-oriented technologies like Rust, WebAssembly (wasm), and TypeScript; modern frameworks such as SvelteKit and Yew; and Smart Contract languages like Solidity, I can guide your team in developing secure, efficient, and maintainable code that aligns with the highest security standards.

Personal Projects

Services that I'm building

These are projects that address challenges that I am either particularly passionate about, or for which I believe I can contribute to the solution space in a unique or rarified way. I seek out opportunities to apply my knowledge and experience in ways that enable people to live lives more productively, securely, and generously.

In general, I don't intend to profit financially from these personal endeavors. They serve as a way for me to experiment with new ideas and to hone my craft.

Friendowment

Friendowment Header

Fostering a culture of generosity

The idea for Friendowment arose from the thought that we could all be doing more to proactively address the financial needs of the communities that we exist within. At both a spiritual and a human level, I felt that the American ideal of individualism when it comes to matters of governance should not extend to matters of family and community. And we should be thinking about addressing that need before it arises, rather than only when an adverse event occurs.

That line of thinking led me to build a financial tool that would allow communities to partner together to establish shared financial assets that could be drawn upon by individual members of the community autonomously, according to controls built in to the assets, when the need arises.

Enigmatick

Enigmatick Header

Enhancing privacy in federated social networking

The rise of decentralized social networking services like Mastodon and Pixelfed based on common standards (e.g., ActivityPub and WebFinger) has been exhilirating to watch. It's empowering to take some amount of control of our digital lives back under our own control.

But the reality of that shift reveals that the privacy challenges imposed by centralized platforms do not disappear. Particularly in the case of complex applications like Mastodon and Pixelfed, most participants essentially just shift the trust placed in the Twitter and Meta corporations to relatively unknown individuals running and securing servers at their whims.

One of the risks of using someone else's infrastructure is that the administrator often has full access to data that users might otherwise consider private (e.g., Direct Messaging). That's a problem that I sensed I could address and have been building toward solving with the end-to-end privacy technology in Enigmatick.