David Lindner, Director, Application Security

AppSec Observer

Insight #1: CISO-less companies, you’re playing with fire Only 45% of American companies have a chief information security officer (CISO), according to new research. It’s time to ask a hard question: Are we serious about cybersecurity, or are we gambling with our future? The absence of a CISO signals a ... Read More

Insight #1: Two tricks to stop mystery breaches The majority of security leaders reportedly don’t know what caused data security incidents at their organizations over the past 12 months. To reduce the likelihood of unknown security breaches, prioritize regular staff training and tabletop exercises. This empowers employees to identify and ... Read More

Insight #1:  Time for a new SIEM? Make it ADR-compatible When evaluating modern security information and event management (SIEM) solutions, prioritize those with robust integrations for Application Detection and Response (ADR). This ensures comprehensive security coverage, faster incident response and reduced complexity by combining the strengths of both SIEM and ... Read More

Insight #1:  You can be sued for your junky software, EU says The EU recently updated its Product Liability Directive (PDF) to reflect the critical role of software in modern society. This means software vendors are now liable for defects that cause harm, including personal injury, property damage or data ... Read More

Insight #1:  Chuck the checkbox, seize real risk To achieve a strong security posture, CISOs must avoid a "checkbox mentality" that prioritizes compliance over actual risk management and instead cultivate a security culture that is demonstrated in practice.   Insight #2: CISOs, stop drowning in the tsunami of alerts CISOs ... Read More

Insight #1: Data breach costs are climbing According to IBM’s latest Cost of a Data Breach report, data breach costs have risen 39.4% over the past decade and are now at almost $5 million per breach. We should make sure our cybersecurity insurance falls in line with these numbers.   ... Read More

Good cyber defense involves more than blocking and tackling. Without visibility into what’s happening, where and by whom, enterprises are hard-pressed to maintain solid protection of systems, networks and data. One area where visibility falls short of what you need is the application layer. This obscurity has given rise to ... Read More

Insight #1: CISOs, you need insurance coverage According to German multinational insurance company Munich Re, the global cyber insurance market is expected to rise from $14 billion to $29 billion by 2027. CISOs will increasingly need to "tell their story" to make sure they are properly insured, as most policies ... Read More

Insight #1: Every click you make, every vish call you take It's Cybersecurity Awareness Month. What are you doing to prevent phishing attacks this month? In a hyper-connected world, cybersecurity is no longer just an IT issue, but a shared responsibility. Every click, every download, every connected device is a potential ... Read More

Insight #1: Don't just focus on the catastrophe du jour A CISO must have both long-term and short-term plans to improve security posture. These plans must include people, process and technology. You will not solve a problem with only one.   Insight #2: Every single thing can't be critical Prioritize, ... Read More