Security Chaos Engineering: From Theory to Practice • Jamie Dicken • GOTO 2021
About this talk
This presentation was recorded at GOTOpia Chaos Engineering Day 2021. #GOTOcon #GOTOpia http://gotopia.eu Jamie Dicken - Cybersecurity People Leader ORIGINAL TALK TITLE Security Chaos Engineering: Pushing Security from Theory to Practice ABSTRACT Our security programs are full of assumptions. We believe that engineers implement all security requirements without error before deploying systems to production. We take for granted that the security solutions we purchase and implement actually protect our applications, infrastructure, and data. The ultimate effectiveness of a security program, however, cannot rely on assumptions. Mistakes, accidents, and misconfigurations weaken the best-designed security solutions, architectural patterns, and technical designs, leaving our companies vulnerable to breaches. The application of Chaos Engineering to the security domain proves to be the logical solution to this problem. By testing and validating our own systems, we can tease out false assumptions, proactively identify opportunities for security hardening or remediation, and fix them before an adversary exploits them. In this session, we will discuss the principles of Security Chaos Engineering and share the real-life story of establishing the practice at Cardinal Health – a Fortune 20 healthcare company. We will also show you how you can do the same – regardless of your organization’s size, scale, industry, or cybersecurity [...] TIMECODES 00:00 Intro 01:29 Agenda 02:03 Reality check 07:25 Security chaos engineering basics 13:08 Real-world implementation 17:30 How to get started 10:15 Impact of security chaos engineering 20:41 Outro Read the full abstract here: https://gotopia.us/chaos-day-2021/sessions/1711/converging-applications-and-audiences-the-return-to-dumb-pipes-security-chaos-engineering-pushing-security-from-theory-to-practice RECOMMENDED BOOKS Aaron Rinehart • Security Chaos Engineering • https://www.verica.io/sce-book Nora Jones & Casey Rosenthal • Chaos Engineering • https://www.verica.io/book Nora Jones & Casey Rosenthal • Chaos Engineering • https://amzn.to/3hUmuAH Mikolaj Pawlikowski • Chaos Engineering • https://amzn.to/2SQ5Olf Russ Miles • Learning Chaos Engineering • https://amzn.to/3hCiUe8 Murphy, Beyer, Jones & Petoff • Site Reliability Engineering • https://amzn.to/2Vg6Mbr https://twitter.com/GOTOcon https://www.linkedin.com/company/goto- https://www.facebook.com/GOTOConferences #Security #ChaosEngineering #SecurityChaosEngineering #Programming #ContinuousVerification #ContinuousValidation Looking for a unique learning experience? Attend the next GOTO conference near you! Get your ticket at https://gotopia.tech SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily. https://www.youtube.com/user/GotoConferences/?sub_confirmation=1
Topics covered
Stay Updated
Get notified about new features and conference additions.
