Work
Outcomes That Move The Business
21+ years scaling security, DevOps, and platform teams. Real outcomes — HITRUST certifications, AI governance programs, vendor risk at scale — not slideware.
Request More Info
Case Studies & Practice
Deep dives on the programs and decisions behind the outcomes.
Experience
Case studies
Cloud, DevOps & infra
Fintech & finance
Now
Open Source
Code that's shipped to production.
GitHub repos
Writing
Field Notes On Security & Velocity
Essays, briefings, and short notes on what's actually working in security, AI governance, and high-velocity engineering teams.
Subscribe
Long Form
Essays and deep dives on security, AI, and growth.
All posts
Table of contents
By topic: AI & Governance
By topic: Security & GRC
By topic: Cloud & DevOps
By topic: Fintech & Finance
Short Form
AI news with my takes and the newsletter.
AI news + my takes
Newsletter archive
Subscribe
Get new pieces in your inbox or your reader of choice.
Email newsletter
RSS feed
JSON feed
AI
AI, Hands-On Not Hand-Wavy
Curated AI news with my takes, plus the free calculators and tools I use with CIOs and AI architects every week.
Explore the Tools
News & Commentary
What's shipping in AI, with an operator's take.
AI news + my takes
Interactive Tools
Calculators and pickers you can use right now.
All free tools
AI ROI calculator
LLM cost estimator
Model picker quiz
Ask & Search
Query my work directly or search the whole site.
Ask Michael (AI)
Search the site
About
Operator, Advisor, Builder
Security executive, UC Berkeley MICS, board advisor, and builder. Here's the background, credentials, and personal context behind the work.
Read Full Bio
Background
Bio, education, and how I got here.
Bio
Now
Credentials
Degrees, certifications, and advisory roles.
Education & certifications
Elsewhere
Open source and code outside of work.
GitHub
Connect
Let's Build Something Together
Intro calls, strategy sessions, advisory engagements, or a quick question — pick the channel that fits and we'll go from there.
Book a Call
Work Together
Start a conversation or book time directly.
Contact form
Book time
Direct Channels
Email and LinkedIn are the fastest ways to reach me.
Email
LinkedIn
Recruiters & Boards
The 60-second one-pager and advisory & board interest.
Executive one-pager
Advisory & board interest
Resume (PDF)

Open to board advisory and board seats — 2H 2026, then CY 2027–2028.· AI governance, security, and platform · Forward-looking interest — not a current board seat

See details →

SavvyMoney ·

Getting Ahead of AI as a Threat and a Tool

Treated AI security as a multi-year strategic track — tracking how offensive capabilities evolve, evaluating defensive tooling, and building governance for AI-driven decisions where fairness and explainability matter.

Back to all work

The problem

AI is simultaneously lowering the cost of attacks (more convincing phishing, faster reconnaissance, automated exploitation) and raising the ceiling on defense (anomaly detection, triage, synthesis). Most organizations are reacting to one side and ignoring the other.

The approach

I treat AI security as a multi-year strategic track, not a one-off project: monitoring how offensive capabilities are evolving, evaluating defensive tooling, and thinking through governance for AI-driven decisions in a consumer-finance context where fairness and explainability matter.

The outcome

A forward-looking posture that aims to keep the program ahead of the curve rather than scrambling to catch up.

AIThreat IntelligenceStrategy