Projects

Artificial Intelligence / Shared Object Networking

Rethinking Knowledge Systems: Why I’m Building SON 2.0

We’re living in a paradox. Our tools for generating information have never been more powerful, yet our ability to trust, connect, and reason over that information feels more fragile than ever.

Large language models are breathtaking in what they can produce, but they also blur the line between fact and fabrication. Graph databases and retrieval systems capture fragments of truth, but struggle to scale across organizations, let alone entire industries. What’s missing is a framework that allows knowledge to be persistent, decentralized, and transparent about its origins.

That’s the problem I’m working on with Shared Object Networking (SON) 2.0.

What SON 2.0 Is AboutSON 2.0 is not just another knowledge graph. It’s a layered protocol for knowledge and reasoning — a system where:

  • Objects (facts, events, evidence) are preserved in context, never blurred together.
  • Layers separate what is observed, what is inferred, and what is policy-driven, so decisions can be traced back and explained.
  • Decentralization allows multiple organizations to contribute and consume knowledge without surrendering sovereignty or control.
  • Security and trust are built in from the ground up — with encryption, access policies, and audit trails that make the system compliant by design.

It’s an architecture where AI doesn’t just generate answers, but also explains its reasoning by showing the evidence and the layers of logic it used to get there.

Why Now

We’ve reached the point where compliance, security, and trust are no longer nice-to-haves in AI — they’re existential. If you work in the Defense Industrial Base, finance, healthcare, or any regulated industry, you can’t just bolt on a chatbot and call it a solution. You need explainability, provenance, and alignment with frameworks like NIST 800-171 and CMMC baked into the system.

That’s what SON 2.0 is designed to deliver.

Where AI Fits

I see AI not as the “brain” of SON, but as one of its consumers and contributors. Models can propose hypotheses, enrich connections, and generate narratives — but only within the guardrails of SON’s object model and evidence layers. That way, the creativity of AI is harnessed without sacrificing traceability or truth.

The Road Ahead

SON 2.0 is ambitious: a protocol, not just a product. But the payoff is worth it. A world where knowledge is transparent, explainable, and shareable across boundaries could reshape how we conduct investigations, secure supply chains, and even teach machines to reason responsibly.

This is still early work — but I believe it’s foundational. If we can get this right, we move closer to an AI-enabled future that serves people, not the other way around.

A Manifesto for Human Agency in Knowledge Systems

Shared Object Networking

Cybersecurity Maturity Model Certification (CMMC)

Making Sense of CMMC: What It Means and How We Help

The Department of Defense has made it clear: cybersecurity is no longer optional for companies in the Defense Industrial Base. Through the Cybersecurity Maturity Model Certification (CMMC), DoD is requiring every contractor—large primes and small subs alike—to prove they can safeguard Controlled Unclassified Information (CUI) and Federal Contract Information (FCI).

I spend much of my time helping executives, boards, and program leaders understand what this actually means. The short version is:

  • DFARS 252.204-7012 already requires companies to implement NIST SP 800-171 and report incidents within 72 hours.
  • DFARS 7019 and 7020 require contractors (and their subs) to have current assessment scores posted in the Supplier Performance Risk System (SPRS).
  • DFARS 7021 brings CMMC itself into force. Starting November 2025, many contracts will require a current third-party CMMC Level 2 certification at award.

In practice, this means contractors must:

  • Define the scope of their systems handling CUI or FCI.
  • Develop a credible System Security Plan (SSP) and Plan of Action & Milestones (POA&M).
  • Post and maintain their SPRS score.
  • Build the policies, processes, and technical safeguards needed to pass a third-party CMMC Level 2 assessment.

From my work with organizations across the DIB, one message stands out: this is not a quick project. Even companies with solid security programs typically need 12–24 months to get ready for certification. That’s why I’ve developed pre-assessment scoping exercises, evidence checklists, and executive briefings that cut through the noise and give leaders a clear path forward.

CMMC isn’t just an IT checklist. It’s a business survival issue—contracts, revenue, and reputation are on the line. My role is to help companies translate regulatory language into a practical roadmap: one that executives understand, contracting officers can trust, and assessors can validate.

CyberFoundry CMMC Landing Page

BSides Bloomington

Behind the Scenes at BSides Bloomington: Shaping the Conversation

Community events like BSides are where some of the most authentic conversations in cybersecurity happen. No flashy vendor booths, no sales pitches—just practitioners, students, and leaders sharing knowledge, solving problems, and pushing the field forward.

I’ve had the privilege of serving as Content Director for BSides Bloomington, where my role is to help shape those conversations. That means:

  • Working with speakers to refine talk proposals and make sure sessions hit the right balance of technical depth and accessibility.
  • Curating a program that covers both bread-and-butter skills (incident response, forensics, compliance) and frontier topics (AI, threat intelligence, and beyond).
  • Ensuring the content reflects the diversity of our community—voices from large enterprises, small businesses, academia, and passionate individuals alike.

What I love about this work is the chance to create an environment where everyone—from first-time attendees to seasoned CISOs—walks away with something new they can use. It’s about building a local hub of cybersecurity learning that connects Bloomington to the broader security community.

If you’ve ever considered attending or speaking at BSides, I encourage you to join us. You’ll find a welcoming community, a stage for fresh ideas, and the chance to be part of a movement that makes cybersecurity more open, collaborative, and resilient.

BSides Bloomington Web Page

Le Droit Humain

Le Droit Humain: A Different Tradition in Freemasonry

When people think of Freemasonry, they often picture a fraternity—centuries-old, rooted in tradition, and historically limited to men. Le Droit Humain, formally known as The International Order of Freemasonry for Men and Women, Le Droit Humain, offers a very different path.

Founded in France in the late 19th century, Le Droit Humain was built on the principle of equality between men and women in Freemasonry. At a time when women were excluded from most Masonic lodges, this was a radical idea. The order created space for both men and women to participate fully, not just symbolically, in the rituals, governance, and philosophical work of the craft.

Today, Le Droit Humain is an international body with federations, jurisdictions, and lodges across the globe. It remains committed to values that resonate strongly in modern life: universal human rights, equality, fraternity across borders, and the pursuit of truth through reason and symbolism. While traditional Masonry often maintains national boundaries, Le Droit Humain has always envisioned itself as international—uniting members beyond geography, religion, or gender.

What makes Le Droit Humain especially interesting is its balance of tradition and progress. It preserves the rituals and symbolism of Freemasonry while opening the doors wider to reflect the world we live in today. For many, it offers a sense of belonging to a historic institution, without having to compromise on values of inclusivity and equality.

In a time when questions of diversity and equity touch every field, Le Droit Humain shows how even the most traditional of institutions can evolve—and thrive—by embracing the principle that human rights come first.

Le Droit Humain International Web Page

Mensa International

Mensa and SecSIG: Building a Community Around Security

Mensa is best known as the international high-IQ society, bringing together people from every walk of life who score in the top two percent on standardized intelligence tests. But beyond the headline, Mensa is also a community platform: it hosts thousands of members who form Special Interest Groups (SIGs), each focused on a shared passion—from the arts and sciences to travel, technology, and beyond. These groups give members a way to connect more deeply around common interests while tapping into the diversity and creativity of Mensa’s global membership.

Within this network, I serve as the Coordinator for SecSIG (secsig.org), Mensa’s Special Interest Group dedicated to security, privacy, and intelligence topics. Our mission is to create a space where members can explore cybersecurity, information security, national security, and adjacent fields in a way that is collaborative, accessible, and forward-looking.

As coordinator, my role is to:

  • Curate and guide discussions across a wide range of security topics, from technical practices to policy and strategy.
  • Organize community activities—such as talks, virtual meetups, and participation in Mensa events like the Annual Gathering.
  • Connect practitioners and enthusiasts—bridging the gap between experts working in the field and members with curiosity about security issues.
  • Grow the SIG by encouraging participation, fostering inclusive debate, and ensuring members feel welcomed regardless of background or technical expertise.

SecSIG is about more than just cybersecurity—it’s about understanding the systems and structures that shape our digital and physical security environment. From AI and compliance challenges to emerging threats, our group offers Mensans a place to engage deeply with some of the most pressing issues of our time.

For Mensa members looking to explore security in all its dimensions—or for security professionals seeking a thoughtful, high-caliber community—SecSIG is that forum.

Mensa SecSIG Web Page

Lockpicking as a Learning Sport

One of the most unique parts of my work with Mensa and SecSIG is introducing both kids and adults to lockpicking as a sport. For many highly curious people—especially in Mensa—so much of life happens “in the head.” Lockpicking flips that experience. It’s tactile, hands-on, and demands presence in the moment.

By practicing on training locks in a safe, ethical environment, participants get a visceral outlet for curiosity. It’s a way to step out of pure abstraction and into a skill that requires focus, dexterity, and patience. Much like chess or puzzle-solving, it’s mentally stimulating—but unlike those, it also engages the body in a direct and physical way.

We frame lockpicking not as breaking in, but as sport and self-awareness. It builds problem-solving skills, teaches respect for physical security, and often becomes a creative hobby in its own right. For younger Mensans, it’s a safe way to learn how curiosity and discipline can go hand in hand. For adults, it’s a reminder that learning doesn’t have to stay theoretical—it can be felt in your fingertips.

Learning Lockpicking Presentation