Profile of Raymond Pompon

Principal Threat Research Evangelist at F5 Networks

News & Commentary Posts: 24

Raymond Pompon is a Principal Threat Researcher Evangelist with F5 labs. With over 20 years of experience in Internet security, he has worked closely with Federal law enforcement in cyber-crime investigations. He has recently written IT Security Risk Control Management: An Audit Preparation Plan from Apress books.

Articles by Raymond Pompon

View Content By Month

Boosting Security Effectiveness with 'Adjuvants'

5/17/2018
How integrating corporate resources like the IT help desk, system administration, quality assurance and HR can breathe new life into your security program.
Post a Comment

4 Critical Applications and How to Protect Them

5/3/2018
Since critical apps are, well, critical, security teams must take preventive measures to keep attackers from exploiting their vulnerabilities.
Post a Comment

Journey to the Cloud: Overcoming Security Risks

3/1/2018
Lessons learned from a global consultancy's 10-year transition from on-premises to 99% cloud-based infrastructure.
Post a Comment

Security Liability in an 'Assume Breach' World

2/22/2018
Cybersecurity today is more than an IT issue. It's a product quality issue, a customer service issue, an operational issue, and an executive issue. Here's why.
Post a Comment

Avoiding the Epidemic of Hospital Hacks

1/25/2018
Lessons learned about cyber hygiene from inside one of America's highest ranked medical institutions.
Post a Comment

The Startup Challenge: Safe in the Cloud from Day One

1/18/2018
How a Seattle travel company built a rock-solid mobile app without sacrificing performance or security.
Post a Comment

Be a More Effective CISO by Aligning Security to the Business

12/21/2017
These five steps will you help marshal the internal resources you need to reduce risk, break down barriers, and thwart cyber attacks.
Post a Comment

Is a Good Offense the Best Defense Against Hackers?

12/14/2017
A proposed new law could make it legal for companies to hack back against attacker. But will it work?
Post a Comment

Why Third-Party Security Is your Security

12/7/2017
Managing third-party risk isn't just a good idea, in many cases, it's the law. This security framework can help you minimize the threat.
Post a Comment

'Goldilocks' Legislation Aims to Clean up IoT Security

11/9/2017
The proposed Internet of Things Cybersecurity Improvement Act of 2017 is not too hard, not too soft, and might be just right.
Post a Comment

5 Reasons CISOs Should Keep an Open Mind about Cryptocurrency

11/2/2017
With untold new markets for Bitcoin and other 'alt-coins,' it's going to be an exciting future -- and security leaders need to get ready for it.
Post a Comment

6 Steps to Finding Honey in the OWASP

10/12/2017
The most famous project of the Open Web Application Security Project is getting an update. Here's what you need to know, and how you can get involved.
Post a Comment

URL Obfuscation: Still a Phisher's Phriend

10/5/2017
There are three primary techniques to trick users into thinking a website link is real: URL shorteners, URL doppelgangers, and URL redirects.
Post a Comment

Where Do Security Vulnerabilities Come From?

9/22/2017
There are three major causes: code quality, complexity, and trusted data inputs.
Post a Comment

CIO or C-Suite: To Whom Should the CISO Report?

9/7/2017
Five reasons why the chief information security officer needs to get out from under the control of IT.
Post a Comment

Phishing for Your Information: How Phishers Bait Their Hooks

8/31/2017
A treasure trove of PII from social networks and the public Internet is there for the taking.
Post a Comment

How to Avoid the 6 Most Common Audit Failures

8/17/2017
In a security audit, the burden is on you to provide the evidence that you’ve done the right things.
Post a Comment

6 Ways CISOs Can Play a Role in Selling Security

8/10/2017
When customers ask tough questions about data security, business service resilience, privacy, regulatory, and reputational risk it’s best to remain upbeat and positive. Here’s how.
Post a Comment

Can Your Risk Assessment Stand Up Under Scrutiny?

7/27/2017
Weak risk assessments have gotten a pass up until now, but that may be changing.
Post a Comment

Doxing, DoS & Defacement: Today’s Mainstream Hacktivism Tools

6/29/2017
Anyone can get angry at you and become a hacktivist. Here’s how to protect your organization from these increasingly common cyber attacks.
Post a Comment

Talking Cyber-Risk with Executives

6/23/2017
Explaining risk can be difficult since CISOs and execs don’t speak the same language. The key is to tailor your message for the audience.
Post a Comment

Will Deception as a Defense Become Mainstream?

6/8/2017
If your organization has the right resources, deception strategies offer a powerful way to slow down and entrap potential intruders.
Post a Comment

DNS Is Still the Achilles’ Heel of the Internet

6/1/2017
Domain Name Services is too important to do without, so we better make sure it’s reliable and incorruptible
Post a Comment

Author

Profile of Raymond Pompon