Writing on what actually matters.
Practical reading on cybersecurity, charity-sector compliance, and Canadian IT operations — from the engineers who do the work. No SEO filler, no "10 things you should know" listicles. Long-form when something is worth saying.
Recent writing
Latest insights.
NIST CSF 2.0 for Canadian SMBs — what's actually new
The Cybersecurity Framework 2.0 added a sixth function (Govern) and refocused the rest. For a Canadian SMB, the practical shift is about ownership, not new controls.
COMPLIANCEPIPEDA, Quebec Law 25, PHIPA — a privacy primer for Canadian nonprofits
Three privacy regimes apply to most Canadian charities, and they don't all say the same thing. A short, no-jargon guide to what each one actually requires, who it applies to, and where they conflict.
COMPLIANCESubscribe
New writing, when there is something to say.
No marketing, no sales drips. Just the writing.