Shared Responsibility and FOIPPA: What Municipal IT Teams Need to Know Sep 24, 2025 Understanding the shared responsibility model and its impact on FOIPPA compliance for municipalities using Microsoft 365. ...
The FOIPPA Compliance Gap Hiding in Your M365 Environment Sep 22, 2025 BC municipalities face a critical compliance gap: M365 deletes emails after 30 days, but FOIPPA requires 1-year retention. Learn how to fix this 335-day gap. ...
ASR Rules - Hidden Security Controls Sep 12, 2025 Attack Surface Reduction rules in Microsoft Defender could have prevented major Canadian ransomware attacks. Learn how to enable these hidden security controls. ...
M365 Token Protection Sep 6, 2025

Your organization deployed multi-factor authentication. Password attacks dropped to zero. Credential stuffing became irrelevant. You won the authentication war.

Then the attackers adapted.

Cybercriminals realized they don’t need to break down your front door when they can steal your house key after you’ve already unlocked it and walked inside. This approach bypasses MFA entirely because the authentication already happened—legitimately.

You’ll see it in your logs as successful sign-ins from legitimate user accounts. No failed password attempts. No MFA bypass alerts. Just normal-looking authentication events that aren’t normal at all.

...
When Hackers Get Through Your Municipal Risk Management Reality Aug 31, 2025

When Hackers Get Through: Your Municipal Risk Management Reality

Your job isn’t fighting hackers. It’s protecting your community’s ability to function when hackers win.

Recent incidents across Canada prove a harsh reality: sophisticated attackers eventually breach even well-defended organizations. The City of Hamilton faced an $18.5 million ransom demand. BC’s government networks suffered “sophisticated cybersecurity incidents” from state-sponsored actors. These weren’t IT failures—they were organizational crises that tested every aspect of municipal leadership.

...
AI Agent Risk CIA Triad May 25, 2025 Comprehensive analysis of 24 AI agent security risks reveals critical patterns for enterprise security professionals. ...
The Sixth Element: AI Agents as a New Security Paradigm May 4, 2025

Introduction

Modern security frameworks recognize five interdependent components that form a complete digital ecosystem: Users who interact with systems, Devices that provide access points, Networks that connect components, Applications that perform functions, and Data that holds value.

What happens when a new species enters this carefully balanced ecosystem? AI Agents—with their ability to act autonomously, access sensitive resources, and make consequential decisions—create ripple effects throughout our existing security paradigms.

Unlike adding another device type or data classification, integrating AI Agents into our security thinking requires a fundamental reconsideration of how we define protection boundaries. These entities exist simultaneously across multiple domains, blurring the lines between user and application, between data processor and decision-maker.

...
How I Work with Obsidian Aug 15, 2023

How it all began

As I mentioned here, I’ve tried many different productivity tools for keeping myself organized at work but I’ve settled on Obsidian.
It was going to be a demo for a co-worker.
I started very simple, a note for each day, using the Daily Note plugin - no template, just a blank space where I put the various projects names and a line or two about status. I probably had the Calendar plugin installed - because it makes it easier to work with the Daily Note and I like having the calendar on the screen.
I probably had two notes named after clients - so I could use wiki links - and one or two notes for Projects. I gave the demo, explained how easy it was to work with and the potential benefits - I made a new daily note during our demo and added more data, I showed some basic markdown, all the typical demo things. Later I did the same demo for one of our Service Delivery Managers.
When I was going through it the second time I realized I should probably use it for myself.

...
How I Study with Obsidian Aug 11, 2023

As I mentioned here, I use Obsidian to prepare for tests.
I have a simple process for preparing:

  1. Exam Prep note
  2. Find study material sources
  3. Create Topic Notes
    1. Gather data into Topic Notes
      1. Make content my own
  4. Turn Topic Notes into slides
  5. Review slides
  6. Take practice tests
  7. Add content to address weaknesses
    1. New notes specific to a part of the content/category
  8. Repeat steps 4, 5 & 6
  9. Take exam
  10. Consistency

This process has worked for me - I’ve passed 100% of the tests I taken using this method, on my first attempt.

...
Obsidian Aug 3, 2023 How I use Obsidian in 2023 ...