I wrote this article on LinkedIn in January, 2020. I’ve updated it here in March, 2021.

In 2019, I lost 50 pounds. By 2021, the total loss was 60. Many have asked me the secret, and I’ve told them all the same thing:

“It’s a complicated regime: I ate less and exercised more.”

Usually people kind of nod and smile at this. Of course, it’s oversimplifying things, and enough people have asked me how I did it that I figured I would make a short post about it.

Your mileage absolutely will vary, I’m not a nutritionist, or physical therapist…

In my last job, I struck up a conversation with the guy tasked with provisioning my mobile phone and laptop. He was working in IT support but said he really wanted to break into information security. Later, I spoke with my friend, the CISO, and mentioned the guy. Two months later, that guy was an infosec junior staffer, and a few months later, a threat analyst.

There’s a thrilling new wave of potential talent comprising people working in adjacent fields trying to break into information security. Sometimes they’re from IT, and sometimes, from adjacent fields like civil engineering, or marketing…

It’s no secret that data breaches have become so common that people tend to think, “Oh, another one,” and get on with their lives. What is surprising is how few executives of Internet companies we trust with our data have responded with better authentication to protect users.

Ironically, some of the least-protected sites are those that sell services to protect your identity: credit monitoring sites.

All Americans should consider their Social Security Number, date of birth, home address, phone number, the vehicles they’ve owned, schools they’ve attended, children’s names … all these “secret identifiers” to have long been compromised, and…

Plumbing specialists attempt to influence pressurized water.

A human resources guy I respect said something today that really hit home: when you’re discussing corporate values, listing the word, “Integrity” is really odd — if you need to list that as a corporate value, you’re really starting behind the meatball in terms of your hiring. I mean, we should be able to presume something, right?

Corporate values are an important part of corporate culture, and corporate culture is hugely important. …

A few times a year, we’ll hear on the local news the story of some cop who takes it upon himself, or a group of cops who get together from a sense of charity, to provide something wonderful for a member of the community.

Maybe it’s Christmas presents. Or shoes for an entire family, or just one homeless man, or diapers and kids’ shoes for a mom caught shoplifting.

The thing is, this happens on a daily basis.

What cops will never tell you is that while most people think cops have it made in terms of their job security…

Once, I was involved in an effort to break some bad habits. Among them, there had developed a cultural reliance on people who had become single points-of-failure.

I say a “cultural reliance,” because one guy who had emerged as the single-point-of-failure of some seriously critical things — the one person on whom all deployments and all production changes depended — had been hired to replace the last guy who had emerged as the single-point-of-failure — the one guy on whom all deployments and all production changes depended.

Single-points-of-failure are often well-intended people who, through individual actions to “fix things,” taken…

When I see things like someone calling the cops because a black man is wearing socks in a swimming pool, I remember why we made the @StreetCredPKIC database: so that there would be data about this.

In our book based on the PKIC data, we pointed out that in more than 80% of 2015 cases in which a cop shot an unarmed person, the cops had been called to the scene by a citizen — either through a 911 call, or by a citizen flagging down an officer.

You may have noticed a mountain of spam over the past month, telling you in breathless terms how the privacy rules are changing on every website you’ve ever visited. That’s the most obviously noticeable part of the GDPR.

GDPR — it stands for General Data Protection Regulation — is the European Commission’s way of starting to ensure (or at least, to marginally address) that the data of European Union citizens is not abused by companies. It involves specific steps meant to assure that data is handled securely, transparently, fairly, and minimally.

I was particularly amused at those who sent out…

Oh…and there’s no such thing as Santa Claus

Facebook’s business model is to sell information about you to advertisers, and that is how they make their money. The rule on the Internet and in publishing is and has always been that, if you can’t understand how they make money, then you are the product. Consider that in March, 2017, Forbes estimated that Mark Zuckerberg has a net worth of $59.4 billion for providing a product given to you at no cost. Someone has to pay.

Congratulations: it’s you.

In its initial public offering, Facebook said,

“We enable advertisers to engage with more than 950 million monthly active…

If you’re surprised at the data Facebook keeps on you, you’re gonna love this.

As I watch the world having conniption fits over Facebook “privacy,” and discussions on the Twitters get increasingly breathless, I wonder how it is possible that people haven’t understood the value proposition provided by Facebook.

Like my friends in advertising, who refer to newspapers as “People who print come-on content on the back of ads,” security and privacy professionals view Facebook as a straight-up trade. Facebook offers something delightfully simple: they provide you with connections to friends and things you like in exchange for every datum about you. …

Nick Selby

Fintech Chief Security Officer. Former NYPD apparatchik. Co-author Cyber Attack Survival Manual; In Context: Understanding Police Killings of Unarmed Civilians.

