From War Rooms to WordPress: Why I'm Finally Writing Things Down

Intro

This post is a long time coming. I’ve started and stopped “launching a blog” more times than I can count — not enough time, not finding an “authentic” voice, worrying what people will think, perfectionism, even obsessing over whether the site itself was secure. The list is long.

I’ve spent most of my career in large enterprises, and I’ve always been uneasy about representing a big brand while sharing personal views, especially with a high-profile day job in cloud security. I’ve seen plenty of people in my orbit use their work platform to build a personal brand; that’s never really been my thing, and I prefer a bit of distance between work and personal life. Underneath all of that, there’s been a simple fear: being wrong in public or saying something that feels “too obvious” to my peers.

The conclusion I’ve come to is that almost no one is thinking about this as much as I am, and that the only way through is to start. If the wisdom of the crowd decides this is uninteresting over time, so be it. For now, sharing feels better than sitting on drafts, so here goes.

What finally tipped me over was a mix of things. First, realising how written narratives can help people earlier in their careers, or in smaller organisations, who never get to sit in the kinds of situation rooms I’ve been in. Second, my 2026 goals around low-cost, scalable security businesses and AI-driven tooling mean I need a visible body of work that isn’t tied to any single employer. And finally, there’s a quiet personal driver: I want my son to one day be able to read something that shows what I do and what I actually believe.

whoami

By day, I lead incident response in the cloud, handling complex cases and working on building and managing a growing security team. I spend a lot of time in the middle of messy problems, trying to bring structure and calm when things are on fire.

I also give talks and share research-driven content at conferences, which means I’m used to sharing ideas — just not in blog form yet. Until now, most of my writing has been internal docs, runbooks, and decks.

Outside work, I have a family, live in Brisbane, and recharge with cycling, snow and surf trips, and jiu-jitsu. Those things keep me sane when the pager and the inbox are doing their best to compete for attention.

How I’ll write

This blog is intentionally personal. The opinions here are mine, not my employer’s, and the tone will be more conversational than corporate. Expect rough edges, half-formed ideas, and things I later change my mind about.

I’m aiming for a realistic cadence — something like one solid post a month — and I’m optimising for consistency over polish. If it ends up being more frequent, great, but I’d rather under-promise and actually show up.

I’d love for this to be a two-way conversation. I’m inviting readers to challenge ideas, ask questions, or suggest topics — especially early-career security folks, aspiring leaders, and founders thinking about security. I’m also into health and fitness, and I use tech heavily to track training, so some of that will inevitably creep in too.

Closing

This post is undeniably late, but late is still better than never. My simple promise is to share what I learn from the trenches of cloud security, team building, and experiments in AI and business, as honestly as I can.

If any of that sounds useful or interesting, subscribe, follow along, or just stick around for the next post.