Farewell, Sun Tzu: The Modern Security Mindset with Kelly Shortridge

Security Voices

תוכן מסופק על ידי Security Voices. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Security Voices או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.

12M ago 1:03:12

MP3•בית הפרקים

The classic mindset of cyber security unmistakably originates from its early leaders: financial services, the defense industrial complex, and big companies that had too much to lose from ignoring what was called at the time “information security risk”. They tried to calculate largely unknowable risks to explain digital concepts to analog executives. They leaned on medieval metaphors such as castles and moats to make formerly arcane technology like firewalls understandable to people who just got their first AOL email address. And Sun Tzu quotes were used to make it absolutely clear that we were in a war against a shadowy, determined enemy that demanded our attention (and a generously sized budget).
The cybersecurity landscape now bears little resemblance today to those early days, but far too much of how we reason about our industry is still clearly traceable back to those early days. Kelly Shortridge’s Security Chaos Engineering is a sneakily titled book that has less to do with testing technical boundaries and much more to do with modernizing our headspace to accommodate the new, incredibly complex environment we find ourselves in today. Sun Tzu quotes are replaced by Ursula K. Le Guin and Buckminster Fuller. Jurassic park analogies take center stage. Ice cream metaphors and decision trees supported by open source projects make the formerly esoteric approachable. Practical even.
Our 1 hour conversation with Kelly covers many of the core ideas in the book she recently published along with Aaron Rhinehart, centering on adopting a mindset of evaluation and experimentation. A common thread running through the dialogue is that of empowerment: we live in a privileged time where much of what we do now can be stress tested to build resiliency. And that this is a far more sane approach given modern complexity than attempting to comprehensively model risk and prevent attacks. Cat and mouse? No, we and our adversaries are peers on equal footing who are capable of both offense and defense. The future, and the present for those who lean into it, is much more Spy vs. Spy than Tom and Jerry. We hope this dialogue takes you at least one step closer to it.

66 פרקים

#Security #Software Development #Security Voices #Tech