CISO-to-CISO

Content for CISOs, by CISOs

5 Questions to Ask to See If Your Security Team is Cloud Incident Ready

[{"name":"Erik Pierson","summary":"\u003cp\u003eErik Pierson is the Director of Information Security at Slalom Consulting, with over 20 years experience in the field.\u003c/p\u003e\r\n","imageReference":"/content/dam/f5-labs-v2/_author-headshots/Erik_Pierson.png","searchLink":"/content/f5-labs-v2/en/labs/search.author_Erik+Pierson.html","jobTitle":"Director of Information Security","companyName":"Slalom Consulting","companyPageUrl":"https://www.slalom.com/","articles":[{"topic":"Strategies","topicPath":"/etc/tags/f5-labs-v2/ciso/strategies","topicSearchPath":"/labs/search.ciso_strategies","date":"January 15, 2019","contentDuration":"5 min. read","publishDate":"Jan 15, 2019 3:34:00 PM","title":"If I Had to Do It Over Again","authors":["Raymond Pompon"],"contributors":["Erik Pierson","Mike Hamilton","Mary Gardner"],"path":"/content/f5-labs-v2/en/labs/articles/cisotociso/if-i-had-it-to-do-over-again","mappedPath":"/labs/articles/cisotociso/if-i-had-it-to-do-over-again","description":"Learn from CISOs who describe how they would “do it over” again in some of their early security program deployments.","tags":[{"weight":5,"tagId":"f5-labs-v2:ciso/strategies","url":"/labs/search.ciso_strategies","name":"strategies","title":"Strategies","isTopic":true},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/governance","url":"/labs/search.ciso_strategies_governance","name":"governance","title":"Governance","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/career-path","url":"/labs/search.ciso_strategies_career-path","name":"career-path","title":"Career Path","isTopic":false},{"weight":0,"tagId":"industry:healthcare","url":"/labs/search.industry:healthcare","name":"healthcare","title":"Healthcare","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/Risk","url":"/labs/search.ciso_strategies_Risk","name":"Risk","title":"Risk","isTopic":false}],"backgroundImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a11/article-background-hero-image.png","thumbnailImage":"","backgroundTileImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a11/article-tile-image.png","type":"blog","appTierAffected":[]}]},{"name":"Kip Boyle","summary":"\u003cp\u003eKip Boyle is the CEO of Cyber Risk Opportunities, whose mission is to help executives become better cyber risk managers. He has over 24 years of cybersecurity experience serving in such roles as Chief Information Security Officer (CISO) for PEMCO Insurance and Director of Wide Area Network Security for the F-22 Raptor. In addition to his work with many large, global organizations at the Stanford Research Institute, Kip has also held other cyber risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.\u003c/p\u003e\r\n","imageReference":"/content/dam/f5-labs-v2/_author-headshots/Kip_Boyle.png","searchLink":"/content/f5-labs-v2/en/labs/search.author_Kip+Boyle.html","jobTitle":"CEO","companyName":"Cyber Risk Opportunities","companyPageUrl":"https://www.cyberriskopportunities.com/","articles":[{"topic":"Strategies","topicPath":"/etc/tags/f5-labs-v2/ciso/strategies","topicSearchPath":"/labs/search.ciso_strategies","date":"May 17, 2018","contentDuration":"7 min. read","publishDate":"May 17, 2018 12:00:00 AM","title":"Managing Compliance Issues within the Value Chain","authors":["Kip Boyle"],"path":"/content/f5-labs-v2/en/labs/articles/cisotociso/managing-compliance-issues-within-the-value-chain","mappedPath":"/labs/articles/cisotociso/managing-compliance-issues-within-the-value-chain","description":"Align your compliance requirements with your other business requirements so you can distinguish what you must do from what’s nice to do.","tags":[{"weight":5,"tagId":"f5-labs-v2:ciso/strategies","url":"/labs/search.ciso_strategies","name":"strategies","title":"Strategies","isTopic":true},{"weight":0,"tagId":"f5-labs-v2:ciso/C2C-Keywords/third-party-liability","url":"/labs/search.ciso_C2C-Keywords_third-party-liability","name":"third-party-liability","title":"third party liability","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:category/ciso","url":"/labs/search.category_ciso","name":"ciso","title":"CISO","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/C2C-Keywords/third-party-security","url":"/labs/search.ciso_C2C-Keywords_third-party-security","name":"third-party-security","title":"third party security","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/C2C-Keywords/compliance","url":"/labs/search.ciso_C2C-Keywords_compliance","name":"compliance","title":"compliance","isTopic":false}],"backgroundImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a03/article-background-hero-image.png","thumbnailImage":"","backgroundTileImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a03/article-tile-image.png","type":"blog","appTierAffected":["Services Tier"]}]},{"name":"Mary Gardner","summary":"\u003cp\u003eMary Gardner is Chief Information Security Officer (CISO) at F5. In this role, she is responsible for F5’s corporate-wide information security management efforts, along with strategic planning, governance, and controls. This includes identifying, evaluating, and reporting on F5’s overall security performance and posture in alignment with regulatory requirements and evolving industry best practices. Prior to F5, Mary served as CISO at Seattle Children’s Hospital. She has also held security leadership positions at Fred Hutchinson Cancer Research Center, Port of Seattle, JPMorgan Chase, and Washington Mutual. Mary holds a B.S. from Trinity University. She is also a Certified Information Systems Security Professional (CISSP) and member of the Executive Women’s Forum.\u003c/p\u003e\r\n","imageReference":"/content/dam/f5-labs-v2/_author-headshots/Mary_Gardner.png","searchLink":"/content/f5-labs-v2/en/labs/search.author_Mary+Gardner.html","jobTitle":"CISO","companyName":"F5","articles":[{"topic":"Strategies","topicPath":"/etc/tags/f5-labs-v2/ciso/strategies","topicSearchPath":"/labs/search.ciso_strategies","date":"June 06, 2019","contentDuration":"1 min. read","publishDate":"Jun 6, 2019 10:37:00 AM","title":"Welcome to CISO to CISO 2.0","authors":["Mary Gardner"],"path":"/content/f5-labs-v2/en/labs/articles/cisotociso/welcome-to-ciso-to-ciso-2-0","mappedPath":"/labs/articles/cisotociso/welcome-to-ciso-to-ciso-2-0","description":"Welcome to the newly revamped CISO to CISO page!","tags":[{"weight":5,"tagId":"f5-labs-v2:ciso/strategies","url":"/labs/search.ciso_strategies","name":"strategies","title":"Strategies","isTopic":true},{"weight":0,"tagId":"f5-labs-v2:category/ciso","url":"/labs/search.category_ciso","name":"ciso","title":"CISO","isTopic":false}],"backgroundImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a01/article-background-hero-image.png","thumbnailImage":"","backgroundTileImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a01/article-tile-image.png","type":"blog","appTierAffected":[]},{"topic":"Strategies","topicPath":"/etc/tags/f5-labs-v2/ciso/strategies","topicSearchPath":"/labs/search.ciso_strategies","date":"January 15, 2019","contentDuration":"5 min. read","publishDate":"Jan 15, 2019 3:34:00 PM","title":"If I Had to Do It Over Again","authors":["Raymond Pompon"],"contributors":["Erik Pierson","Mike Hamilton","Mary Gardner"],"path":"/content/f5-labs-v2/en/labs/articles/cisotociso/if-i-had-it-to-do-over-again","mappedPath":"/labs/articles/cisotociso/if-i-had-it-to-do-over-again","description":"Learn from CISOs who describe how they would “do it over” again in some of their early security program deployments.","tags":[{"weight":5,"tagId":"f5-labs-v2:ciso/strategies","url":"/labs/search.ciso_strategies","name":"strategies","title":"Strategies","isTopic":true},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/governance","url":"/labs/search.ciso_strategies_governance","name":"governance","title":"Governance","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/career-path","url":"/labs/search.ciso_strategies_career-path","name":"career-path","title":"Career Path","isTopic":false},{"weight":0,"tagId":"industry:healthcare","url":"/labs/search.industry:healthcare","name":"healthcare","title":"Healthcare","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/Risk","url":"/labs/search.ciso_strategies_Risk","name":"Risk","title":"Risk","isTopic":false}],"backgroundImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a11/article-background-hero-image.png","thumbnailImage":"","backgroundTileImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a11/article-tile-image.png","type":"blog","appTierAffected":[]},{"topic":"Controls","topicPath":"/etc/tags/f5-labs-v2/ciso/controls","topicSearchPath":"/labs/search.ciso_controls","date":"January 10, 2019","contentDuration":"4 min. read","publishDate":"Jan 10, 2019 7:54:00 AM","title":"How We Patch Vulnerabilities at F5","authors":["Mary Gardner"],"path":"/content/f5-labs-v2/en/labs/articles/cisotociso/how-we-patch-vulnerabilities-at-f5","mappedPath":"/labs/articles/cisotociso/how-we-patch-vulnerabilities-at-f5","description":"Patching is a tedious and relentless task, but like brushing your teeth to prevent cavities, it keeps holes from forming in your infrastructure.","tags":[{"weight":5,"tagId":"f5-labs-v2:ciso/controls","url":"/labs/search.ciso_controls","name":"controls","title":"Controls","isTopic":true},{"weight":0,"tagId":"f5-labs-v2:category/threats/web-application-attacks/brute-force","url":"/labs/search.category_threats_web-application-attacks_brute-force","name":"brute-force","title":"Brute force attack","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:category/ciso","url":"/labs/search.category_ciso","name":"ciso","title":"CISO","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:category/threats/web-application-attacks/credential-stuffing","url":"/labs/search.category_threats_web-application-attacks_credential-stuffing","name":"credential-stuffing","title":"Credential stuffing","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:category/threats/web-application-attacks/credential-theft","url":"/labs/search.category_threats_web-application-attacks_credential-theft","name":"credential-theft","title":"Credential theft","isTopic":false}],"backgroundImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a07/article-background-hero-image.png","thumbnailImage":"","backgroundTileImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a07/article-tile-image.png","type":"blog","appTierAffected":[]}]},{"name":"Mike Hamilton","summary":"\u003cp\u003eMike Hamilton is the founder and CISO of CI Security (formerly Critical Informatics). He has 25 years experience in Information Security as a practitioner, entrepreneur, consultant, and in executive management. He also has direct experience in retail, manufacturing, government, defense, academic, semiconductor, energy, law enforcement, transportation, publishing and financial sectors - from Fortune 1 to small nonprofits. \u003c/p\u003e\r\n","imageReference":"/content/dam/f5-labs-v2/_author-headshots/Mike_Hamilton.png","searchLink":"/content/f5-labs-v2/en/labs/search.author_Mike+Hamilton.html","jobTitle":"Founder, CISO","companyName":"CI Security","companyPageUrl":"https://ci.security/","articles":[{"topic":"Strategies","topicPath":"/etc/tags/f5-labs-v2/ciso/strategies","topicSearchPath":"/labs/search.ciso_strategies","date":"January 15, 2019","contentDuration":"5 min. read","publishDate":"Jan 15, 2019 3:34:00 PM","title":"If I Had to Do It Over Again","authors":["Raymond Pompon"],"contributors":["Erik Pierson","Mike Hamilton","Mary Gardner"],"path":"/content/f5-labs-v2/en/labs/articles/cisotociso/if-i-had-it-to-do-over-again","mappedPath":"/labs/articles/cisotociso/if-i-had-it-to-do-over-again","description":"Learn from CISOs who describe how they would “do it over” again in some of their early security program deployments.","tags":[{"weight":5,"tagId":"f5-labs-v2:ciso/strategies","url":"/labs/search.ciso_strategies","name":"strategies","title":"Strategies","isTopic":true},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/governance","url":"/labs/search.ciso_strategies_governance","name":"governance","title":"Governance","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/career-path","url":"/labs/search.ciso_strategies_career-path","name":"career-path","title":"Career Path","isTopic":false},{"weight":0,"tagId":"industry:healthcare","url":"/labs/search.industry:healthcare","name":"healthcare","title":"Healthcare","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/Risk","url":"/labs/search.ciso_strategies_Risk","name":"Risk","title":"Risk","isTopic":false}],"backgroundImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a11/article-background-hero-image.png","thumbnailImage":"","backgroundTileImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a11/article-tile-image.png","type":"blog","appTierAffected":[]}]},{"name":"Mike Simon","summary":"\u003cp\u003eWith an education in computer science and 25 years of experience designing and securing information systems, Mike Simon is a well-known and highly respected member of the Northwest’s information security community. He is faculty at the University of Washington Information School, a published author, an active collaborator in the PRISEM and PICES projects and other regional initiatives, a subject matter expert in the energy and finance sectors, and integrated with law enforcement through contacts in the FBI, DHS, and Infragard. As Critical Informatics’ Chief Technology Officer, he leads development teams for the Critical Insight security monitoring platform and the associated Critical Insight Collector-sensor, directs our Big Data and Data Analytics program and helps to set company direction and strategy.\u003c/p\u003e\r\n","imageReference":"/content/dam/f5-labs-v2/_author-headshots/Mike_Simon.png","searchLink":"/content/f5-labs-v2/en/labs/search.author_Mike+Simon.html","jobTitle":"CTO","companyName":"Critical Informatics","companyPageUrl":"https://ci.security/","articles":[{"topic":"Strategies","topicPath":"/etc/tags/f5-labs-v2/ciso/strategies","topicSearchPath":"/labs/search.ciso_strategies","date":"February 06, 2019","contentDuration":"4 min. read","publishDate":"Feb 6, 2019 8:28:00 AM","title":"If I Had to Do It Over Again, Part 2","authors":["Raymond Pompon"],"contributors":["Sara Boddy","Mike Simon","Todd Plesco","Kate Wakefield"],"path":"/content/f5-labs-v2/en/labs/articles/cisotociso/if-i-had-it-to-do-over-again-part-2","mappedPath":"/labs/articles/cisotociso/if-i-had-it-to-do-over-again-part-2","description":"More lessons learned from CISOs about “fire and forget,” physical security, the human factor, and audit logging.","tags":[{"weight":5,"tagId":"f5-labs-v2:ciso/strategies","url":"/labs/search.ciso_strategies","name":"strategies","title":"Strategies","isTopic":true},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/governance","url":"/labs/search.ciso_strategies_governance","name":"governance","title":"Governance","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/career-path","url":"/labs/search.ciso_strategies_career-path","name":"career-path","title":"Career Path","isTopic":false},{"weight":0,"tagId":"industry:healthcare","url":"/labs/search.industry:healthcare","name":"healthcare","title":"Healthcare","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/Risk","url":"/labs/search.ciso_strategies_Risk","name":"Risk","title":"Risk","isTopic":false}],"backgroundImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a11/article-background-hero-image.png","thumbnailImage":"","backgroundTileImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a11/article-tile-image.png","type":"blog","appTierAffected":[]},{"topic":"Controls","topicPath":"/etc/tags/f5-labs-v2/ciso/controls","topicSearchPath":"/labs/search.ciso_controls","date":"November 02, 2017","contentDuration":"9 min. read","publishDate":"Nov 2, 2017 12:00:00 AM","title":"Can Engineers Build Networks Too Complicated for Humans to Operate? Part II: Making Sense of Network Activities and System Behaviors","authors":["Mike Simon"],"path":"/content/f5-labs-v2/en/labs/articles/cisotociso/can-engineers-build-networks-too-complicated-for-humans-to-operate-part-ii-making-sense-of-network-activities-and-system-behaviors","mappedPath":"/labs/articles/cisotociso/can-engineers-build-networks-too-complicated-for-humans-to-operate-part-ii-making-sense-of-network-activities-and-system-behaviors","description":"How to selectively capture packets for further analysis and avoid buying a storage farm.","tags":[{"weight":5,"tagId":"f5-labs-v2:ciso/controls","url":"/labs/search.ciso_controls","name":"controls","title":"Controls","isTopic":true},{"weight":0,"tagId":"f5-labs-v2:ciso/C2C-Keywords/risk-management","url":"/labs/search.ciso_C2C-Keywords_risk-management","name":"risk-management","title":"risk management","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:category/ciso","url":"/labs/search.category_ciso","name":"ciso","title":"CISO","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/C2C-Keywords/packet-analysis","url":"/labs/search.ciso_C2C-Keywords_packet-analysis","name":"packet-analysis","title":"packet analysis","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/C2C-Keywords/complex-systems","url":"/labs/search.ciso_C2C-Keywords_complex-systems","name":"complex-systems","title":"complex systems","isTopic":false}],"backgroundImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a05/article-background-hero-image.png","thumbnailImage":"","backgroundTileImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a05/article-tile-image.png","type":"blog","appTierAffected":["Client"]},{"topic":"Strategies","topicPath":"/etc/tags/f5-labs-v2/ciso/strategies","topicSearchPath":"/labs/search.ciso_strategies","date":"August 03, 2017","contentDuration":"6 min. read","publishDate":"Aug 3, 2017 12:00:00 AM","title":"Can Engineers Build Networks Too Complicated for Humans to Operate? Part I: Scope of the Problem","authors":["Mike Simon"],"path":"/content/f5-labs-v2/en/labs/articles/cisotociso/can-engineers-build-networks-too-complicated-for-humans-to-operate-part-i-scope-of-the-problem","mappedPath":"/labs/articles/cisotociso/can-engineers-build-networks-too-complicated-for-humans-to-operate-part-i-scope-of-the-problem","description":"This series explores how InfoSec practitioners can use math, technology, and critical thinking to mitigate risk in a world where networks and data have surpassed the scope of human comprehension.","tags":[{"weight":5,"tagId":"f5-labs-v2:ciso/strategies","url":"/labs/search.ciso_strategies","name":"strategies","title":"Strategies","isTopic":true},{"weight":0,"tagId":"f5-labs-v2:ciso/C2C-Keywords/risk-management","url":"/labs/search.ciso_C2C-Keywords_risk-management","name":"risk-management","title":"risk management","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:category/ciso","url":"/labs/search.category_ciso","name":"ciso","title":"CISO","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/C2C-Keywords/packet-analysis","url":"/labs/search.ciso_C2C-Keywords_packet-analysis","name":"packet-analysis","title":"packet analysis","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/C2C-Keywords/complex-systems","url":"/labs/search.ciso_C2C-Keywords_complex-systems","name":"complex-systems","title":"complex systems","isTopic":false}],"backgroundImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a09/article-background-hero-image.png","thumbnailImage":"","backgroundTileImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a09/article-tile-image.png","type":"blog","appTierAffected":["Client"]}]},{"name":"Paul Farrall","summary":"\u003cp\u003ePaul Farrall currently holds the position of Vice President \u0026amp; Chief Information Security Officer at Skytap, a Cloud Infrastructure provider headquartered in Seattle, WA. For the past 15 years, Paul has been focused on Information Security and IT Operations at a variety of organizations ranging from Fortune 500 companies to small technology startups. Prior to Skytap, he was VP of Operations and Information Security for Big Fish Games, where he had overall responsibility for Information Security and IT Operations. Paul’s current interests include the emerging intersection of privacy and cybersecurity; integrating agile security into Devops; and developing cybersecurity best practices for cloud services providers.\u003c/p\u003e\r\n","imageReference":"/content/dam/f5-labs-v2/_author-headshots/Paul_Farrall.png","searchLink":"/content/f5-labs-v2/en/labs/search.author_Paul+Farrall.html","jobTitle":"Vice President and CISO","companyName":"Skytap","articles":[{"topic":"Strategies","topicPath":"/etc/tags/f5-labs-v2/ciso/strategies","topicSearchPath":"/labs/search.ciso_strategies","date":"April 18, 2019","contentDuration":"6 min. read","publishDate":"Apr 18, 2019 7:51:00 AM","title":"If I Had to Do It Over Again, Part 3","authors":["Raymond Pompon"],"contributors":["Paul Farrall","Preston Hogue","Taeil Goh"],"path":"/content/f5-labs-v2/en/labs/articles/cisotociso/if-i-had-to-do-it-over-again--part-3","mappedPath":"/labs/articles/cisotociso/if-i-had-to-do-it-over-again--part-3","description":"More stories from CISOs who describe how they would “do it over” again in some of their early security program deployments.","tags":[{"weight":5,"tagId":"f5-labs-v2:ciso/strategies","url":"/labs/search.ciso_strategies","name":"strategies","title":"Strategies","isTopic":true},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/governance","url":"/labs/search.ciso_strategies_governance","name":"governance","title":"Governance","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/career-path","url":"/labs/search.ciso_strategies_career-path","name":"career-path","title":"Career Path","isTopic":false},{"weight":0,"tagId":"industry:healthcare","url":"/labs/search.industry:healthcare","name":"healthcare","title":"Healthcare","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/Risk","url":"/labs/search.ciso_strategies_Risk","name":"Risk","title":"Risk","isTopic":false}],"backgroundImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a12/article-background-hero-image.png","thumbnailImage":"","backgroundTileImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a12/article-tile-image.png","type":"blog","appTierAffected":[]}]},{"name":"Todd Plesco","summary":"\u003cp\u003eTodd Plesco is the Chief Information Security Officer of PrescribeWellness.  PrescribeWellness\u0027s cloud-based platform is used by pharmacies and other healthcare professionals to provide more effective, preventive healthcare services, which improve medication adherence, chronic disease management, transitions in care, and population health.\u003cbr /\u003e\r\n\u003cbr /\u003e\r\nMr. Plesco is responsible for developing and executing cyber security strategy and leading teams focused on risk management, security engineering, application security, cyber security operations and policy, and company-wide cyber security resiliency. His mission promotes a vigilant culture which places a high value on the protection of privacy and security for information resources and protection of personal health information entrusted to PrescribeWellness.\u003c/p\u003e\r\n\u003cp\u003e\u003ca href\u003d\"http://www.infosecurity.pro/\"\u003ehttp://www.infosecurity.pro/\u003c/a\u003e\u003c/p\u003e\r\n","imageReference":"/content/dam/f5-labs-v2/_author-headshots/Todd_Plesco.png","searchLink":"/content/f5-labs-v2/en/labs/search.author_Todd+Plesco.html","jobTitle":"CISO","companyName":"PrescribeWellness","articles":[{"topic":"Strategies","topicPath":"/etc/tags/f5-labs-v2/ciso/strategies","topicSearchPath":"/labs/search.ciso_strategies","date":"February 06, 2019","contentDuration":"4 min. read","publishDate":"Feb 6, 2019 8:28:00 AM","title":"If I Had to Do It Over Again, Part 2","authors":["Raymond Pompon"],"contributors":["Sara Boddy","Mike Simon","Todd Plesco","Kate Wakefield"],"path":"/content/f5-labs-v2/en/labs/articles/cisotociso/if-i-had-it-to-do-over-again-part-2","mappedPath":"/labs/articles/cisotociso/if-i-had-it-to-do-over-again-part-2","description":"More lessons learned from CISOs about “fire and forget,” physical security, the human factor, and audit logging.","tags":[{"weight":5,"tagId":"f5-labs-v2:ciso/strategies","url":"/labs/search.ciso_strategies","name":"strategies","title":"Strategies","isTopic":true},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/governance","url":"/labs/search.ciso_strategies_governance","name":"governance","title":"Governance","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/career-path","url":"/labs/search.ciso_strategies_career-path","name":"career-path","title":"Career Path","isTopic":false},{"weight":0,"tagId":"industry:healthcare","url":"/labs/search.industry:healthcare","name":"healthcare","title":"Healthcare","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/strategies/Risk","url":"/labs/search.ciso_strategies_Risk","name":"Risk","title":"Risk","isTopic":false}],"backgroundImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a11/article-background-hero-image.png","thumbnailImage":"","backgroundTileImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a11/article-tile-image.png","type":"blog","appTierAffected":[]},{"topic":"Strategies","topicPath":"/etc/tags/f5-labs-v2/ciso/strategies","topicSearchPath":"/labs/search.ciso_strategies","date":"May 25, 2017","contentDuration":"4 min. read","publishDate":"May 25, 2017 12:00:00 AM","title":"How I Learned to Love Cyber Security","authors":["Todd Plesco"],"path":"/content/f5-labs-v2/en/labs/articles/cisotociso/how-i-learned-to-love-cyber-security-26951","mappedPath":"/labs/articles/cisotociso/how-i-learned-to-love-cyber-security-26951","description":"Cyber security can be a difficult and thankless job, but you can learn to love it when you know how to go about it.","tags":[{"weight":5,"tagId":"f5-labs-v2:ciso/strategies","url":"/labs/search.ciso_strategies","name":"strategies","title":"Strategies","isTopic":true},{"weight":0,"tagId":"f5-labs-v2:category/ciso","url":"/labs/search.category_ciso","name":"ciso","title":"CISO","isTopic":false},{"weight":0,"tagId":"f5-labs-v2:ciso/C2C-Keywords/leadership","url":"/labs/search.ciso_C2C-Keywords_leadership","name":"leadership","title":"leadership","isTopic":false}],"backgroundImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a08/article-background-hero-image.png","thumbnailImage":"","backgroundTileImagePath":"/content/dam/f5-labs-v2/article/backgrounds/a08/article-tile-image.png","type":"blog","appTierAffected":["Client"]}]}]
BIO
CISO Spotlight
Mary Gardner
CISO F5

Mary Gardner is Chief Information Security Officer (CISO) at F5. In this role, she is responsible for F5’s corporate-wide information security management efforts, along with strategic planning, governance, and controls. This includes identifying, evaluating, and reporting on F5’s overall security performance and posture in alignment with regulatory requirements and evolving industry best practices. Prior to F5, Mary served as CISO at Seattle Children’s Hospital. She has also held security leadership positions at Fred Hutchinson Cancer Research Center, Port of Seattle, JPMorgan Chase, and Washington Mutual. Mary holds a B.S. from Trinity University. She is also a Certified Information Systems Security Professional (CISSP) and member of the Executive Women’s Forum.

Welcome to CISO to CISO 2.0

CISO Content

No filters selected
CISO tags

No articles found matching your filter criteria

Hundreds of apps will be attacked by the time you read this.

So, we get to work. We obsess over effective attack methods. We monitor the growth of IoT and its evolving threats. We dive deep into the latest crypto-mining campaigns. We analyze banking Trojan targets. We dissect exploits. We hunt for the latest malware. And then our team of experts share it all with you. For more than 20 years, F5 has been leading the app delivery space. With our experience, we are passionate about educating the security community-providing the intel you need to stay informed so your apps can stay safe.

Every

9 hrs

a critical vulnerability—with the potential for remote code execution—is released.