Hi, and welcome to my site. I'm Mimi (Mary Ursula) Herrmann, known on the 'Net since 1985 as Lothie. This site has been in existence in some form since 2000, originally as a personal domain, and more recently to support my Information Security related writing.  

I have worked in various Infosec roles since 1996, when I joined Trusted Information Systems, the company that created the Gauntlet firewall family and related products. I obtained my CISSP in 2005 and continue to hold it in good standing.  

While I enjoy "getting my hands dirty" in implementation and services, my greatest strength is in writing about security-related matters, and especially in presenting complex processes to high-level or end-user audiences. I'm also really good at detailing processes and doing product comparisons.


I provide documentation for your Infosec company's needs. This documentation includes (non-exhaustive list):

  • web content (who, what, how, why, bios, products/services)
  • whitepapers
  • user manuals
  • internal manuals (processes or research)
  • blogging
  • brochures

How (and Rudimentary Pricing)

My process is fairly simple. I will sit down with you and your team(s) to determine your needs. You'll tell me what your business or product does, and what types of documentation you need, and we'll work out a timeline and talk about what you want to see first. I'll begin to outline documentation and have an initial presentation to you within a week's time, in most cases. Further meetings and rehashes of documentation needs are always feasible, and I encourage them. If I must travel outside the DC Metro Area to meet you, you must pay travel expenses. I always suggest that the initial meeting(s) be face to face, but whenever possible I will use virtual spaces for subsequent meetings (however the choice is up to you).  

My pricing structure is based solely on what documentation you select. In other words, if you want only web site content, you don't also have to pay for blogging if you don't want or need it. If you do decide that you need more content or further services, we'll negotiate that down the road. Alternatively, you can retain me for a number of months at an agreed-upon flat rate, again based on what type of documentation services you will require. For ongoing services such as blogging, a monthly retainer is always required. A full pricing sheet will be available at our initial meeting and special cases are negotiable.


Information security is a relatively new, and ever dynamic, field. There are a lot of new ideas, and that means a lot of startups. Once the idea has legs, you want to give it a voice as soon as possible. I am that voice.


You can reach me initially at inquiries at lothie dot com, and expect a response within one business day. After the initial contact, I'll provide you my phone number as well.