About Me
After completing a degree in electrical engineering from the University of Waterloo, I worked for a few years as a software engineer at Mitel, in my hometown of Ottawa, Canada. Eventually, I became interested enough in the “people” side of business that I went back to school for a Master of Business Administration (MBA) at the University of Ottawa.
For 10 years, I worked as a software product manager, and spent several years at Entrust, where I learned about security software used for encryption and digital signatures. Eventually, I became an IT Security consultant, working with many different public and private sector organizations, conducting risk assessments, and consulting on security architecture and security policies.
My work in risk assessments for IT systems, where virtually ever risk assessment report identified “human vulnerabilities” as the most commonly unresolved risks, led to my obsession with teaching people about threats such as phishing, social engineering and malware.
In 2009, I started podcasting and created an experiment called The Honey Stick Project, where I would drop USB drives in public places and see what people did with them. Then I would use the stories as ice-breakers for training sessions and keynotes. Eventually, I worked on several projects with Symantec where I designed experiments to drop smartphones. I’ve probably lost over 120 phones in my career, probably far more than anyone else in the world.
For the past 10 years, I have been speaking, teaching and consulting on cybersecurity risk management, and founded an online training company called Click Armor®, which uses gamification and interactive content to teach employees how to spot and avoid security risks.
Through this journey, I’ve developed a unique perspective on what works and doesn’t work when teaching individuals about cybersecurity risks.
You don’t need to be a techie to understand how to manage the risks in today’s information-based economy, but there are some important, fundamental concepts you can learn to earn the trust of your clients and colleagues.
Let me show your financial advisors, corporate investors and corporate executives how they can confidently bridge the gap between the powerful complex and unforgiving digital world, and the people who handle its inputs, outputs, configurations and exceptions.