Filter By:
Velocity's Edge Podcast S1E9 - Nick Selby on Factionalism
When leadership is struggling with organizational dysfunction that stems from resource constraints, they tend to see teams in conflict: product versus engineering, sales versus operations, etc. They might assume the solution involves coaching, restructuring reporting lines, adjusting compensation models, or hiring more diplomacy-minded managers. But as EPSD’s Nicko Goncharoff and Nick Selby have learned through years of organizational interventions, the biggest threat to mid-stage technology companies isn’t functional disagreement. It’s the personal resentment that calcifies when strategic pivots in the business force zero-sum resource allocation.
Read more
Velocity's Edge Podcast S1E8 - Dr. Pablo Breuer on CISO Leadership
Many organizations hire Chief Information Security Officers (CISOs) expecting them to be security experts who can implement controls and prevent breaches. But as Dr. Pablo Breuer learned through 22 years in Navy cyber operations and leadership roles spanning National Security Agency red teams to Fortune 50 financial firms, the fundamental challenge isn’t technical — it’s that most companies don’t understand what they actually need from a CISO in the first place.
Read more
Velocity's Edge Podcast S1E7 - Peat Bakke on Operationalizing Decision Records
When Peat Bakke sits down for breakfast with engineering leaders, the conversation inevitably turns to the same frustrating pattern: talented people leave, and with them goes critical context about why systems work the way they do. Not just the technical details—those live in the code—but the reasoning behind architectural and technical choices, the problems those choices solved, and crucially, the alternatives that were deliberately rejected.
Read more
Velocity's Edge Podcast S1E6 - Thomas Dullien & Chris Swan on Decision Records
Most engineering leaders think institutional knowledge loss is an inevitable cost of growth. They see departing employees take critical context with them—why certain processes exist, what problems they solve, how trade-offs were evaluated—and assume the solution involves better handoff documentation or knowledge transfer sessions. But as EPSD Advisory Board members Thomas Dullien and Chris Swan learned through building and scaling organizations, the biggest risk isn’t losing people; it’s losing the reasoning behind the decisions those people made.
Read more
Velocity’s Edge Podcast S1E5 - Sarah Wells on Cultural Change
Most engineering leaders think velocity problems are technology problems. They see slow deployments and assume the solution involves better CI/CD pipelines, more developers, or migrating to microservices. But as Sarah Wells discovered as she experienced the digital transformation of the Financial Times, the biggest constraints aren’t in your codebase; they’re in your org chart.
Read more
Moneyball for Engineers
The history of management of software development is littered with failed and discredited efforts to objectively assess individual performance. There is little consensus in the industry, organizations vary widely in how they do this, subjectivity and politics are rife, and few (if any) engineering leaders are content with the status quo.
Read more
Velocity’s Edge Podcast S1E4 - Carla Geisser & Chris Swan on Crisis Engineering
As Carla Geisser puts it: “The incidents that actually matter to how people interact with technology are not security incidents … They are things like, they can’t log into their bank account, they can’t buy their Taylor Swift tickets, they can’t get on an airplane.” And when everything’s on fire, most organizations make a critical mistake: they treat the crisis as the exception rather than the expectation. The companies that survive and thrive are those that understand a fundamental truth: if your business is growing, crises aren’t anomalies—they’re predictable outcomes of scale.
Read more
Velocity’s Edge Podcast S1E3 - Melanie Ensign on Strategic Communications
Most organizations think of security communications as ‘crisis management’: what to say when something goes wrong. But waiting until an incident occurs to build relationships, establish trust, and create communication channels severely limits your response options.
Read more
“Technical Debt” and Making the Case for Engineering Work
Every engineering organization I work with has a challenge: making the case for the work you need to do as an engineering team that doesn’t directly result in new or improved features.
Read more
Nick Selby for Fast Company: Tech debt isn’t an ‘IT issue.’ It’s a business strategy
This article by EPSD’s Managing Partner, Nick Selby, appeared in Fast Company’s “Ask the Experts” section on 21 August 2025. Read the excerpt below, and please click through for the full text.
Read more
Velocity’s Edge Podcast S1E2 - Huw Rogers on Tech Debt
If you’re leading a profitable, cash-flow-positive business, you’ve probably watched technical debt pile up: those accumulated consequences of choosing quick fixes over well-designed, long-term solutions. If you’re not carefully managing it, it can become overwhelming.
Read moreVelocity's Edge Podcast S1E1 - Sarah Wells on Strategy
What makes an effective product engineering strategy? In the debut episode of the Velocity’s Edge podcast, host Nicko Goncharoff speaks with Sarah Wells about the importance of strategy to engineering effectiveness.
Read more
Announcing Velocity's Edge: Where Speed Meets Strategy
We’re thrilled to announce the launch of Velocity’s Edge, EPSD’s new podcast premiering this Wednesday. Velocity’s Edge brings you to the pivotal point where speed meets strategy—that critical spot where the wrong decision can capsize your organization, while the right one propels you forward. Each 20-minute episode delivers insights from battle-tested experts who’ve guided C-suites and boards through moments when they’ve needed to navigate crises with speed and authority.
Read more
EPSD Announces Appointment of Nicko Goncharoff as Chief Operating Officer
Technology veteran brings 30+ years of experience building and scaling data-driven businesses across global markets EPSD, the authority on technical consulting that drives business transformation, is pleased to announce the appointment of Nicko Goncharoff as Chief Operating Officer. Nicko brings more than three decades of experience building, scaling, and leading technology and data-driven businesses, including co-founding three successful startups and serving in senior executive roles at global analytics firms.
Read more
Selecting a F-CISO, Part III: Making the Decision and Setting Up for Success
This is Part 3 of our series on selecting fractional CISOs. Part 1 and Part 2 covered evaluating experience, program-building skills, cultural change capabilities, and threat response experience. Now we’ll focus on avoiding common pitfalls, making the final decision, and ensuring your F-CISO succeeds.
Read more
Selecting a F-CISO, Part II: Assessing Cultural Change and Threat Response Capabilities
This is Part 2 of our 3-part series on selecting fractional CISOs. In Part 1, we covered evaluating experience and program-building skills. Today, we focus on the harder-to-assess but equally critical capabilities: driving cultural transformation and managing real-world security threats.
Read more
Selecting a F-CISO, Part 1: Evaluating Experience and Program-Building Skills
This is Part 1 of our 3-part series on selecting and managing fractional CISOs. Our previous post explored the strategic rationale for deploying a fractional CISO before hiring your first permanent Chief Information Security Officer. Part 2 covers evaluating experience, program-building skills, cultural change capabilities, and threat response experience.This series provides a comprehensive guide to finding the right change agent for your organization’s security transformation.
Read more
Strategic Deployment of a Fractional CISO
Before hiring their first Chief Information Security Officer (CISO), CEOs and boards should consider a fractional CISO (F-CISO) to build foundational security programs that set the permanent CISO up for success. This strategy addresses a critical disconnect: executives often view security breaches and compliance failures as technical problems, but these business-threatening issues typically stem from cultural and process deficiencies requiring organizational transformation, not just technical expertise.
Read more
How Strategic Tech Investments Cut Our Insurance Costs by a Third
In early 2025, as EPSD spun out into independent operations, we made some bold strategic technology decisions. We made initial up-front IT investments of less than 10% over “good enough” choices, and that increase delivered us a 31% insurance savings. Spending just a bit more on IT significantly raised the complexity and the cost attackers must bear to breach us, and resulted in measurable operational gains and user happiness.
Read more
The Currency of an Engineering Team Is Respect
The currency of an engineering team is respect, and this has nothing to do with position in the organizational hierarchy: instead, it’s about whether the person speaking knows what they are talking about. Do they make our work easier? Are the things they are asking us to do logical and consistent?
Read more
Succession Planning: A Surprisingly Common Business Risk
Fast-growing companies, particularly those in technology and high-stakes industries, often prioritize immediate operational needs over long-term planning. One critical area that frequently gets overlooked is succession planning—a business continuity essential that can create serious vulnerabilities if not properly addressed.
Read more
A CEO's Transparent Incident Response Communication
On May 11, Coinbase suffered a social engineering attack targeting their outsourced customer support department. Their SEC Material Cybersecurity Incident disclosure on May 15 revealed attackers obtained enough personal information to launch sucessful fake customer service attacks against Coinbase customers.
Read more
Security Incidents Aren’t “IT Problems”
Security incidents impact every part of an organization, not just IT. Companies that respond effectively are the ones that anticipate risks, plan ahead, and coordinate across departments—not just those that rely on technical teams to “fix the problem.”
Read more
The True Cost of Cybersecurity Incidents
Regardless of how it happens, when your customers can’t access your service, you can’t take payments, or you can’t pay suppliers, your business stops. Full stop.
Read more