As the Chief Information Security Officer at F5, it is my pleasure to welcome you to F5 Labs’ CISO to CISO section. This is an arena for frank and transparent discussions on all aspects of running an information security program. We’ll discuss topics like technical guidance on mitigating specific risks, as well as broader perspectives on building program maturity, communicating about security, new approaches, and ruminations on the future of the field.
Before I came to F5, I worked in security in one form or another for a wide range of organizations, including Washington Mutual, Fred Hutchinson Cancer Research Center, and as the CISO at Seattle Children’s Hospital. Every place I’ve worked has taught me something different about developing a program, leading a security team, and adapting to change—a changing world, changing architectures and a changing threat landscape. As my roles and responsibilities have grown, I have had to place greater emphasis on communication and politics, the “fuzzy” side of security that often goes unappreciated, so we have ensured that we address the broader questions here as much as we do the nitty-gritty.
Every CISO and security practitioner I’ve met along the way has experiences and a perspective that are worth hearing, so we feature guest contributors with diverse backgrounds and viewpoints to prompt us all to pause and rethink our assumptions. It’s with all of this in mind that I hope F5 Labs continues to serve our community as a venue for security professionals to learn, share, reflect (and vent) to our mutual benefit.