Cybersecurity decisions are rarely purely technical. My work focuses on how organizational culture, leadership, and governance shape security outcomes, policy compliance, and ethical risk management.
More ↓I work at the intersection of cybersecurity operations, identity governance, and organizational security policy. My professional experience has shown me that security failures are rarely caused by missing tools, but by misalignment between technical controls, human behavior, and institutional decision-making.
My research interests focus on identity and access governance, security policy enforcement, and the human and organizational factors that influence cybersecurity outcomes. I am particularly interested in how leadership decisions, compliance culture, and risk tolerance affect the effectiveness of identity controls and incident response.
I approach cybersecurity as a socio-technical system where technology, policy, and human behavior must be studied together rather than in isolation.