CSO Perspectives (Pro) 6.1.20
Ep 9 | 6.1.20

Resilience: a first principle of cybersecurity.

Show Notes

Resilience is a cybersecurity first principle strategy.

Even with mature zero trust and intrusion kill chain strategies, cyber disaster can still strike, causing material impact to your organization. In this lesson, Rick dives into the resilience principle as the best defense against the inevitable. With resilience built on top of zero trust and intrusion kill chains, a business can continuously operate despite adverse cyber events. With nearly two decades of effective resilience strategies, Netflix and Google are two impressive case studies for resilience engineering that Rick discusses in depth.

Cybersecurity professional development and continued education.

You will learn about: resilience in practice at Google and Netflix, and how to implement resilience with limited resources.

CyberWire is the world’s most trusted news source for cybersecurity information and situational awareness. Join the conversation with Rick Howard on LinkedIn and Twitter.

Additional first principles resources for your cybersecurity program.

For more resilience and cybersecurity first principles resources, check the topic essay.

Selected Reading:

  1. “Chaos Engineering: Open-sourcing Netflix’s chaos generator, Chaos Monkey,” by Cloud_Freak, Medium, 8 September 2019, last visited 30 April 2020
  2. “Congressional Report Slams OPM on Data Breach,” by Brian Krebs, KrebsOnSecurity, 7 September 2016, last visited 30 May 2020
  3. “Compare and contrast business resilience vs. business continuity,” by Paul Kirvan, TechTarget, 29 January 2020, last visited 30 May 2020
  4. “Cyber Resilience – Fundamentals for a Definition,” by Fredrik Björck, Martin Henkel, Stockholm University, Janis Stirna, Jelena Zdravkovic, Stockholm University, Article in Advances in Intelligent Systems and Computing, January 2015, last visited 30 April 2020
  5. “EXPLORING THE EVOLUTION OF BUSINESS CONTINUITY MANAGEMENT,” by DENOVO Blog, 31 May 2018, last visited 30 May 2020
  6. “Jon Snow’s Plan for the Battle of Winterfell Has a Crucial Flaw, But Is It Doomed?” by Ian Graber-Stiehl, Vulture.com, 26 April 2019, last visited 30 April 2020
  7. “Partnering for Cyber Resilience,” by The World Economic Forum, 2012, last visited 30 April 2020
  8. “Presidential Policy Directive 21: Critical Infrastructure Security and Resilience,” President Obama, 12 February 2013, last visited 30 April 2020
  9. “The Maginot Line: France’s Defensive Failure in World War II,” by Robert Wilde, ThoughtCo, 30 March 2018, last visited 30 April 2020
  10. “Site Reliability Engineering: How Google Runs Production Systems,” by Betsy Beyer, Chris Jones, Jennifer Petoff, and Niall Richard Murphy, Google Landing Page, O’Reilly Media, 16 April 2016, last visited 2 September 2017
  11. “Organizational Resilience: Security, Preparedness, and Continuity Management Systems -- Requirements with Guidance for Use, ASIS SPC.1-2009,” by ASIS International, 2009, last visited 30 May 2020
  12. “Security and resilience — Organizational resilience — Principles and attributes: ISO 22316:2017(en),” by ISO, 2017, last visited 30 May 2020
  13. “The Cybersecurity Canon: No Place to Hide (Part 1),” by Rick Howard, Palo Alto Networks, 15 July 2014, last visited 30 May 2020
  14. “The Cybersecurity Canon: No Place to Hide (Part 2),” by Rick Howard, Palo Alto Networks, 16 July 2014, last visited 30 May 2020