Kelly Shortridge - Security Chaos Engineering in ICS - podcast episode cover

Kelly Shortridge - Security Chaos Engineering in ICS

Unsolicited Response
Nov 01, 202347 minSeason 2023Ep. 33
--:--
--:--
Listen in podcast apps:
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Kelly joins Dale to discuss her new book Security Chaos Engineering: Sustaining Resilience in Software and Systems. Kelly points out the second part of the title is the most descriptive, and she is not a big fan of the Chaos term that has taken hold.

They discuss:

  • A quick description of Security Chaos Engineering
  • Is there similarity or overlap with the CCE or CIE approach?
  • The value of decision trees
  • Her view of checklists of security controls like CISA's CPG
  • Lesson 1 - "Start in Nonproduction environments"
  • The experiment / scientific method approach and how it can start small
  • The Danger Zone: tight coupling and complex interactions
  • How should ICS use Chaos Engineering
For the best experience, listen in Metacast app for iOS or Android