Blogging over at F5 Labs...
F5 Labs CISO to CISO:Cyber Insurance: Read the Fine Print!
“We’ve just traced the attack... its coming from inside the house!” How do you secure your network when the bad guys already have control of your servers? It’s so hard to keep up with the attacks, maybe it’s safer to architect with the assumption that you’ve already been breached. What does this entail?
Wednesday, March 29, 2017
Blogging elsewhere: Can Audits Help Us Trust Third Parties?
Wrote about audit and third parties over at F5 Labs
F5 Labs CISO to CISO:
F5 Labs CISO to CISO:
Can Audits Help Us Trust Third Parties?
Friday, March 17, 2017
Blogging over at F5 Labs
In case you missed it, I've been doing a lot of blogging over at F5 Labs.
The Humanization of the Security Leader: What CISOs Need to Be Successful
When someone from the IT group gets promoted into security management, a common first lesson is that “geek culture” is ineffective in the boardroom. Just watch one episode of The Big Bang Theory and you’ll recognize the classic nerd character...
How Three Low-Risk Vulnerabilities Become One High
Revisting van Beek's Microsoft Exchange Autodiscover vulnerability to make it much deadlier. (Co-author)
Using F5 Labs Application Threat Intelligence
As security professionals, we often feel like we’re fighting a losing battle when it comes to cyber security. (Co-author)
The Risk Pivot: Succeeding with Business Leadership by Quantifying Ops Risk
Getting the security investments you need often comes down to making your case to management in terms of operational risk.
The Conflicting Obligations of a Security Leader
Faced with competing pressures, CISOs are ultimately the experts at assessing what’s truly at stake in their organizations.
Building Secure Solutions Successfully Using Systems Theory
When security solutions don’t work as planned, embrace the complexity and use Systems Theory tools to adjust, regulate, and redefine.
DNS Is Still the Achilles’ Heel of the Internet
Since the Internet can’t survive without DNS, let’s make our best effort to defend it.
Will Deception as a Defense Become Mainstream?
Defensive deception works well, but needs championing before we’ll see it as a best practice or compliance requirement.
Follow the F5 Labs posts via RSS
The Humanization of the Security Leader: What CISOs Need to Be Successful
When someone from the IT group gets promoted into security management, a common first lesson is that “geek culture” is ineffective in the boardroom. Just watch one episode of The Big Bang Theory and you’ll recognize the classic nerd character...
How Three Low-Risk Vulnerabilities Become One High
Revisting van Beek's Microsoft Exchange Autodiscover vulnerability to make it much deadlier. (Co-author)
Using F5 Labs Application Threat Intelligence
As security professionals, we often feel like we’re fighting a losing battle when it comes to cyber security. (Co-author)
The Risk Pivot: Succeeding with Business Leadership by Quantifying Ops Risk
Getting the security investments you need often comes down to making your case to management in terms of operational risk.
The Conflicting Obligations of a Security Leader
Faced with competing pressures, CISOs are ultimately the experts at assessing what’s truly at stake in their organizations.
Building Secure Solutions Successfully Using Systems Theory
When security solutions don’t work as planned, embrace the complexity and use Systems Theory tools to adjust, regulate, and redefine.
DNS Is Still the Achilles’ Heel of the Internet
Since the Internet can’t survive without DNS, let’s make our best effort to defend it.
Will Deception as a Defense Become Mainstream?
Defensive deception works well, but needs championing before we’ll see it as a best practice or compliance requirement.
Follow the F5 Labs posts via RSS
Subscribe to:
Posts (Atom)