blancos
Yo, I’m Brian Kimathi, a cybersecurity and IT systems enthusiast from Kenya, passionate about building secure digital environments and improving the world through technology.
With over 6 years of hands-on experience in system administration, cybersecurity operations, integrations, mobile money systems and more, I’ve worked on everything from securing backend infrastructures to helping companies respond to real-world cyber threats. My journey has taken me through diverse roles—system administrator at East African Data Handlers, privacy analyst at Techno Brain, senior systems analyst at Bowmans Law and tens of consulting roles..
Along the way, I’ve consulted on projects across the banking, telco, and social impact sectors. I enjoy getting my hands dirty with SecOps tools, system analysis, and threat response frameworks, but what drives me most is helping others understand and embrace the power of secure technology.
I hold a Bachelor’s degree in Computer Security and Forensics, certifications in networking and cybersecurity, and I’m currently exploring global opportunities in cybersecurity and infrastructure.
This blog is my little corner of the internet where I share security tips and tools, deep dives into IT systems and processes, stories from real-world projects, and mentorship advice for young professionals in tech.
If you're into tech, security, or figuring out this digital world you’ll feel right at home here.
Let’s connect, learn, and grow together.
The Quiet Dangers of Overlooking Basic Security Hygiene
blancos -
Basic security hygiene prevents more breaches than advanced tools, yet most teams overlook fundamentals while chasing sophisticated threats.
Your Password Strategy Is Wrong and Making You Less Secure
blancos -
The decades-old advice on password complexity is forcing users into insecure behaviors. Modern security requires a shift to passphrases, eliminating mandatory rotation, and embracing passwordless authentication.
Why API Security Is Your Biggest Unseen Threat Right Now
blancos -
APIs handle most web traffic but receive minimal security attention, creating massive unseen risks that traditional web security tools completely miss.
Security Teams Are Asking the Wrong Questions About AI
blancos -
Banning AI tools is a failing strategy that creates shadow IT. Security teams must pivot to enabling safe usage through approved tools, clear guidelines, and employee training.
The Illusion of Secure by Default in Modern Cloud Services
blancos -
Moving to the cloud does not automatically make you secure. Default configurations often create significant risks that organizations must actively address through proper tools and processes.
The Hidden Costs of Automated Security Tools
blancos -
Automated security tools often create more problems than they solve when implemented without strategic human oversight, leading to alert fatigue and missed threats.
The Real Problem With Security Awareness Training
blancos -
Security awareness training fails because it focuses on compliance rather than behavior change. The solution involves integrating security into daily work rather than treating it as a separate activity.
The Unseen Cost of Cloud Migration
blancos -
Cloud migrations create hidden security debt through rushed decisions and poor documentation, shifting rather than eliminating risk in ways teams often miss until it is too late.
Firewalls Alone Cannot Protect Your Cloud
blancos -
Firewalls cannot secure cloud environments alone because identity becomes the new security perimeter. Learn why configuration and access management matter more.
Identity Must Be the Core of Your Cloud Security
blancos -
Cloud security fails when identity becomes an afterthought. Learn why identity is the true perimeter and how to make it central to your defense strategy.
Why Hiding Cloud Resources Increases Your Security Risks
blancos -
Obscuring cloud resources creates dangerous blind spots rather than security. Learn why visibility with proper controls outperforms secrecy every time.
Compliance Alone Leaves You Vulnerable to Attack
blancos -
Passing compliance audits doesn't prevent breaches. Learn why attackers target compliant organizations and how to build real security beyond checklists.