I haven’t even reached my final form

All roads must end at some point, or at least reach a final turn-off. And I’ve arrived at my exit from Ars Technica, after nearly 9 years.  My last day is February 20.

It’s a bittersweet departure, but a necessary one…because I have an even better job awaiting me: doing threat research at Sophos Labs.

About a year ago, I was busy harassing some phishing kit operator just for fun, when my wife narrowed her eyes and said, “Can’t you get paid to do that?”  Honestly, I had thought about it before, but it wasn’t clear that I could get paid for it at the time. And then I started looking around.

Journalism skills I use every day–OSINT and other research, writing and editing–turn out to be very transferrable, as the number of journalists I know who have moved over to threat research and analysis seemed to suggest to me. And just as I started to really ramp up efforts to explore the option, one of those former journalists (Andrew Brandt) reached out to me to ask what I was up to.

And now, what I will be up to is working with Sophos Labs’ threat hunters, reverse engineers, and other researchers to pull together timely, technically deep but accessible research reports on the various threaty threats that are out there for a (hopefully) broader audience, while continuing to do some of my own spelunking into the world of internet crime, cyberwarfare, and what not.

In my spare time, I will continue to write about things, in various forms: national security things, broader infosec things, tech industry things. Some of them may appear here, or on some other website, or both.  I’ve got a book or three to write.