Recently, many major breaches, such as CircleCI, Reddit, and LastPass, have made the news. I’ve analyzed them in previous blog posts and given my thoughts on handling them. Although I was able to read the descriptions and infer some possible gaps that might have led to each breach, it’s hard to compare breaches. Moreover, it would be close to impossible to fully understand the whole context, i.e. what decisions and actions the company took that led it to that point. In fact, this is extremely difficult even if you worked there, unless you have worked there since the company’s inception. Either way, where am I going with this? I’m returning to this post’s original point: breaches are random and inevitable, a theme I’ve discussed in previous posts.
This is definitely a shifted mindset from the past, where the goal of security was to prevent security incidents and breaches. However, this is no longer a realistic goal today, given the complexity of systems and the competitive nature of software, which requires certain risks and tradeoffs to stay ahead.
So what is security’s role assuming this scenario? How does this change the way we do security? In this newsletter, we explore these questions.
To start, why do I believe breaches are inevitable and random?
Increasing security leverage and setting reasonable expectations