Published Work
A selection of writing that shaped the foundation for the Resilience Operating Model (ROM).
Over the past several years, I’ve written for Forbes on the evolving intersections of cybersecurity, business leadership, cloud transformation, and the governance responsibilities emerging across public companies. These articles represent the earliest threads of my thinking on identity, architecture, and enterprise resilience — themes that now form the backbone of the Resilience Operating Model (ROM).
While the ROM is a unified framework, its origins began in questions I explored long before the model existed: How should CISOs evolve into business leaders? What does cloud transformation mean for resilience? And what role will cybersecurity expertise play in board governance as operational risk continues to accelerate?
The articles below shaped the intellectual trajectory that led to Resilience Is the New Compliance and the ROM ecosystem. They also reflect a consistent idea: resilience is no longer a defensive capability — it is a strategic one.
Preparing The Future-Ready CISO For Business Leadership
Forbes, June 28, 2024
Summary:
This article examines the CISO’s evolution from a technical operator to a strategic enterprise leader. I explore why future-ready CISOs must center identity, architecture, and resilience as business capabilities — not technical control domains — and what that shift means for CEO and board expectations.
Securing The Future: Embracing Cloud-Centric Cybersecurity Strategies
Forbes, August 8, 2023
Summary:
Cloud transformation changes the nature of cybersecurity — from infrastructure management to identity-driven, architecture-led security. This article explores how cloud adoption reshapes enterprise resilience, vendor dependencies, and operational complexity, and why organizations must treat cloud architecture as a primary driver of resilience outcomes.
From Regulation To Resilience: Cybersecurity Experts On Public Company Boards
Forbes, July 3, 2023
Summary:
As regulators increase expectations for operational resilience, boards are seeking directors who understand the intersection of technology, risk, and business continuity. This article outlines why cybersecurity expertise is becoming a strategic differentiator in boardrooms — and how resilience, not regulatory compliance, is emerging as the new fiduciary frontier.
Together, these articles form the early foundation for what would eventually become the Resilience Operating Model (ROM). They explore shifts in leadership, technology, and governance that signaled a larger transformation: the rise of resilience as a measurable, strategic discipline.
My current work — the Executive Brief, the upcoming full ROM white paper, and subsequent research — builds directly on these ideas and expands them into a unified, evidence-based framework.
Explore the Resilience Operating Model (ROM)
A new foundation for cyber, technology, and operational resilience.