01
Threat Modeling and Detection in Operation: Analysis of the 2026 Stryker Intune Incident
In Q1 of 2026, perhaps the most shocking news in cybersecurity was the Stryker Intune “Wipe” attack. The incid...
Threat Modeling · Apr 11, 2026
Security stories from inside the work.
Explore topicsPaige Y. H. writes about cyber security strategy, risk, and operations as they happen in practice.
Strategy · Operations · Risk
Latest insights
All insights02
From Strategy to Operations (Part II): Designing a Sustainable, Risk-Aligned IR Capability
Sustainable incident response is not achieved through tooling or playbooks alone. It emerges when incident res...
Incident Response · Mar 1, 2026
03
From Strategy to Operations (Part I): When Incident Response Operates Without Risk Context
Incident Response (IR) is a core capability of the modern enterprise, with its maturity increasingly scrutiniz...
Incident Response · Feb 28, 2026
About Paige
Practical security solutions at the intersection of risk, strategy, and execution.
I am a CISM-certified security professional documenting how security capabilities operate in practice. The goal is to translate between technical execution and risk thinking, examining how detection, response, identity, vulnerability management, and emerging technologies function in real environments.
Profile
My work spans security programs across industries and countries, with a consistent focus on turning cybersecurity goals into sustainable operations for real teams.
This blog is for security professionals across technical operations and governance roles, exploring how security capabilities behave in practice and what they mean for risk management.
- Security strategy
- Risk governance
- Operational resilience
Operating lens
Decision quality first
Translate complex security technicalities into clear, actionable tradeoffs that empower leaders to move with confidence and speed.
Operational Connectivity
Ensure every technical control has a home in governance; if a detection doesn't inform the risk landscape, it isn't finished.
Contextual Governance
Bridge the gap between policy and practice by ensuring every control is practical, measurable, and aligned with the actual risk appetite.
Read next
Archive explorer
Drift through Paige's field notes like a living board.
Search by keyword, narrow by topic, and browse at your own pace.
/
3 visible of 3
01
2026.4.11
Threat Modeling · 5 min read
Threat Modeling and Detection in Operation: Analysis of the 2026 Stryker Intune Incident
In Q1 of 2026, perhaps the most shocking news in cybersecurity was the Stryker Intune “Wipe” attack. The incident resulted in the factory reset of an estimated 200,000 devices glob...
Open note02
2026.3.1
Incident Response · 5 min read
From Strategy to Operations (Part II): Designing a Sustainable, Risk-Aligned IR Capability
Sustainable incident response is not achieved through tooling or playbooks alone. It emerges when incident response operates as a living component of enterprise risk management—whe...
Open note03
2026.2.28
Incident Response · 5 min read
From Strategy to Operations (Part I): When Incident Response Operates Without Risk Context
Incident Response (IR) is a core capability of the modern enterprise, with its maturity increasingly scrutinized by regulatory and industry frameworks. Yet, a persistent gap remain...
Open note