A CISO Landmine: No Security Awareness Training

blog / Nov 14, 2017 (MODIFIED: Nov 17, 2017)

by Mike Levin, Center for Information Security Awareness

CISOs who fail to prioritize security awareness training are putting their business and assets at serious risk.

Is a Good Offense the Best Defense Against Hackers?

blog / Nov 09, 2017 (MODIFIED: Nov 16, 2017)

by Ray Pompon

Proposed legislation could change existing laws that bar victims of hacking attacks from striking back.

How to Be a More Effective CISO by Aligning Your Security to the Business

blog / Oct 17, 2017 (MODIFIED: Nov 14, 2017)

by Ray Pompon

Security must align to the business needs, not the other way around. Begin with investigation and understanding to be most effective.

Six Steps to Finding Honey in the OWASP

blog / Aug 31, 2017 (MODIFIED: Oct 17, 2017)

by Ray Pompon

According to Verizon’s 2014 Data Breach Investigations Report, “Web applications remain the proverbial punching bag of the Internet.” Things haven’t improved much since then. What is it about web applications that makes them so...

Achieving Multi-Dimensional Security through Information Modeling—Executive Threat Modeling Part 3

blog / Aug 23, 2017 (MODIFIED: Oct 10, 2017)

by Ravila White

How InfoSec leaders can build successful threat models by defining the threat landscape and its component resources, then asking simple, situational questions.

What Are You Doing to Protect Critical Infrastructure?

blog / Jul 25, 2017 (MODIFIED: Nov 10, 2017)

by Mike Levin, Center for Information Security Awareness

Protecting our critical infrastructure is everyone’s responsibility, and there are many ways we can all do our part.

Achieving Multi-Dimensional Security through Information Modeling—The Master Model Part 2

blog / Jun 22, 2017 (MODIFIED: Aug 03, 2017)

by Ravila White

Understanding the customer segment of your organization is critical to developing a strategy that ensures regulatory compliance.

Achieving Multi-Dimensional Security through Information Modeling – Part 1

blog / May 04, 2017 (MODIFIED: Jul 18, 2017)

by Ravila White

Information modeling blends lateral thinking and deductive logic. Applied to information security, it’s a powerful technique for designing a security architecture with multi-dimensional controls that minimizes risk and achieves continuous compliance.

7 Upgrades to Level Up Your Security Program Experience

blog / Apr 28, 2017 (MODIFIED: Jul 06, 2017)

by Ray Pompon

When you feel like you’re losing the security battle, try one, a few, or all of these tips to re-invigorate your program and stay on a positive track.

Building Secure Solutions Successfully Using Systems Theory

blog / Feb 23, 2017 (MODIFIED: Jul 06, 2017)

by Ray Pompon

When security solutions don’t work as planned, embrace the complexity and use Systems Theory tools to adjust, regulate, and redefine.

Application Threat Intelligence: What Do CISOs Need?

blog / Jan 18, 2017 (MODIFIED: Jul 06, 2017)

by Mike Convertino

I’ve mentioned before how important strong risk management is to a CISO. When it comes to risk, the applications our users depend on are a big concern. In F5's 2016 State of Application Security survey, a majority of respondents cited security around applications as an area of great concern.
