Who I Am

I’m Ryan Hurst. I’ve spent my career working on the systems that help people and organizations know what to trust online. Most of that work has been in cryptography, identity, and the infrastructure that connects them.

I’ve worked on Windows security policy, helped rebuild the web’s certificate ecosystem, led large-scale identity systems in the cloud, and now focus on how automation can make assurance continuous and practical.

I lead Peculiar Ventures, where we help people build compelling products in AI, security, encryption, and identity. We also advise leaders on security assessments, rebuilding innovation engines, forming healthy teams, navigating crisis, and building modern compliance programs and systems that last.

What I’ve Built

At Google, I led Cloud Security and Trust Services, where my teams:

– Created Google Trust Services, one of the world’s largest certificate authorities

– Helped build Let’s Encrypt, which made HTTPS the default for everyone

– Advanced Certificate Transparency and Binary Transparency, now core parts of how the web checks its own integrity

– Built products such as Cloud CA, Managed Active Directory, and certificate lifecycle tools for Google Cloud

Before Google, at 21.co, I built systems and products to manage more than $100 million in Bitcoin safely and efficiently.

At GlobalSign, I helped lead the company’s recovery from the DigiNotar attacks and its move to in-house CA operations and engineering.

At Microsoft, I built and managed the company’s first Root Program, authored the EAP-TLS standard, and led enterprise networking, including technologies like DNS, DHCP, RADIUS, and Network Access Protection. I also led Cryptography in Windows and created the Windows Biometric Framework that became Windows Hello and contributed to PKIX and related standards and much more.

In every role I have focused on turning structural risk into lasting infrastructure that others can depend on.

What Drives Me

Good security is not about paranoia or perfection. It is about designing systems that stay honest under pressure.

I try to balance security, privacy, and business needs so that secure systems are not only strong but usable. Collaboration and transparency have always mattered more to me than compliance for its own sake.

My work has evolved from fixing individual protocols, to shaping how ecosystems stay aligned to exploring how reasoning itself can help keep them that way.

Beyond the Tech

When I am not building or advising, I write about the intersection of technology, policy, and human behavior. I mentor engineers and share what I have learned from building and repairing complex systems.

Security, at its core, is about keeping promises at scale.

You can find me on LinkedIn or @rmhrisk on Twitter, Bluesky, and other platforms. I’m always interested in discussing the intersection of security, privacy, and business innovation.

Want to connect? You can find me on LinkedIn or @rmhrisk on Twitter, Bluesky, and other platforms. I’m always interested in discussing the intersection of security, privacy, and business innovation.

2 thoughts on “Who I Am

  1. Sivaram

    Hi,
    I am interested in your JavaScript port for Zxing in GitHub. I am contacting you here as per the comment you left in GitHub issue page regarding sample test page. Nice articles by the way.

    Thank You,
    Siva

    Reply

  2. Pingback: Grundlagen: Einschränken der erweiterten Schlüsselverwendung (Extended Key Usage, EKU) in Zertifizierungsstellen-Zertifikaten – Uwe Gradenegger

Leave a Reply

Your email address will not be published. Required fields are marked *