Security stories from inside the work.

Explore topics

Paige Y. H. writes about strategy, risk, and operations as they happen in practice. The focus is clarity, not promotion.

Strategy · Operations · Risk

Latest insights

All insights

01

[DEMO] Everyone Thinks They Know Who's in Charge During an Incident. More Than Half Are Wrong.

The plan says one thing. The incident reveals another. Authority shifts, decisions stall, and the attacker gai...

Incident Leadership · Feb 23, 2026

02

[DEMO] Third-Party Risk Management Is Broken. Here Are 5 Reasons Your Vendor Program Isn't Working in Practice

Most TPRM programs look complete on paper. Tiered vendors, questionnaires sent, boxes checked. But the real qu...

Risk Governance · Feb 23, 2026

About Paige

Operator-minded security writing from the intersection of strategy, risk, and delivery.

Paige Y. H. is a CISM security professional documenting what actually holds up in practice, not just what looks complete on paper.

Profile

Her work spans security programs across industries and countries, with a consistent focus on turning cybersecurity goals into sustainable operating systems for real teams.

This publication is an open archive of those patterns: what to prioritize, how to frame risk in plain language, and how to ship controls that remain useful after handoffs.

Security strategy
Risk governance
Operational resilience
Incident leadership

Operating lens

Decision quality first
Translate complex security choices into clear tradeoffs leaders and operators can act on quickly.
Built for day-two reality
Design controls that survive staffing shifts, delivery pressure, and cross-team dependencies.
Global, cross-industry view
Apply lessons from multiple sectors and regions without importing process for process's sake.

Drift through Paige's field notes like a living board.

Search by keyword, narrow by topic, and browse at your own pace. Every card is a full post with operational detail.

/

2 visible of 2