Practice Makes Perfect: Security Chaos Engineering for Incident Responders - Kennedy Torkura

About the video

Security Chaos Engineering (SCE) builds on proven scientific methods, the same methods that underlie chaos engineering. The basic premise is that resilience is a product of planned and organized turbulence. Without deliberate and coordinated orchestration of turbulence, defenders (e.g. security incident responders) perceive a false sense of security, and blindspots remain unnoticed. These blindspots are potential attack opportunities in the waiting. Interestingly, on the flip side, attackers easily identify such blindspots because they intentionally look for them; they employ adversarial tactics. This mindset, also known as the assume-breach mindset, is imperative for using proactive cyber-security mechanisms. Importantly, SCE allows defenders to think from attackers’ viewpoints, thus asking exciting questions about attack opportunities. This adversarial mindset allows framing various attack scenarios as hypotheses to be proved. Hypothesis proving enables the collection of evidence, thus taking away guesswork or gut feeling and positioning a fact-based analytical process. This process empowers incident response teams to exercise realistic attack scenarios and build effective incident response processes. Ultimately, these teams enhance their knowledge and skill and become more confident in tackling varying dimensions of attacks.