Tag: Strategies
If we think about vulnerabilities in this way, as a matter of action signaling, then malicious actors are, in their own malicious way, members of our audience. Applications are engineered to function, but they are designed to signal. The specific ways we design apps tell our audience how we expect them to act. When we…
Read MoreWhat Is Cybersecurity, Anyway? Another issue in our field is that many organizations seem to build security staffing requirements around a bachelor’s degree in computer science. It is possible that this was a good strategy once, but computer science degrees and security are increasingly mismatched, for several reasons. Most people in computer science programs want…
Read MoreRegulators are increasing enforcement actions and penalties against the big banks for failures in cyber risk management, and the rest better take notice. Between August and October of 2020, the Office of the Comptroller of the Currency (OCC), an independent bureau of the U.S. Department of the Treasury, imposed $625 million in fines on major…
Read MoreClosing the Cybersecurity Skills Gap, Part 3 In part one of our discussion on the cybersecurity skills gap, we discussed how organizations can develop their own cybersecurity professionals as opposed to trying to hire them. In part two, we explored where to begin in cybersecurity and the basic skills needed any cybersecurity professional needs. Now…
Read More“Those that fail to learn from history are doomed to repeat it.” Winston Churchill’s paraphrased wisdom rings true 72 years later as we brace ourselves for evolving cyber threats. Many companies have thousands of applications with long lost source code written by developers from days gone by, and no solution in place to understand the…
Read MoreWhy does vulnerability management fail? There are a couple of reasons: Enterprise IT teams can’t keep up with all the vulnerabilities because secure coding hasn’t been, and still isn’t, a priority across all organizations that write software. In a recent F5 security event where 300 participants responded to live polling, 21% of respondents said they…
Read MoreThe Power of Data Massive amounts of new data are generated every day. In 2017, IBM calculated that 90% of all the world’s data had been created within the past two years. Data shapes our knowledge, decisions, and everyday life; data has power. Thanks to the fact that technology devices are getting smaller and smaller,…
Read MoreDo All the Things IT folks face a grand challenge. They’re being pushed more than ever to secure more services faster, with fewer resources. Applications are now more critical than ever. And apps now need to be available 24×7 everywhere. On top of that, they need to be more responsive to changes, faster, and able…
Read MoreCan’t We Just Get Rid of Passwords Now? Shape Security and F5 Labs recently published the 2021 Credential Stuffing Report, which is the product of a multi-year collaborative research project that evolved from Shape’s original Credential Spill Report. This year’s report covers the lifecycle of credential theft in detail, from the original theft of usernames…
Read MoreEven Strong Defenses May Contain Weaknesses One could argue that fraudsters’ tactics are not novel and that investing in specialized products with machine learning and artificial intelligence should solve the issue of fraud. But somehow fraudsters still manage to outsmart security defenses. In a recent discussion that F5 Labs had with the head of the…
Read More