What can a diamond heist that occurred in 2003 teach us about InfoSec’s CIA triad? Well that the old way of doing security will not help us as we try to move towards being more Cloud Native. Simple tools and a lot of ingenuity can easily allow an attacker to ruin your day. So how can we make use of cloud native ways of development whilst also ensuring security?
We need infrastructure that can D.I.E.
Designing infrastructure that is Distributed, Immutable and Ephemeral will automatically integrate security by default by increasing the bar for attackers. Further, adding controlled chaos to the process ensures that you are continually learning and improving, increasing confidence in the ability to troubleshoot.
In this talk I’ll highlight how the D.I.E. triad can help us being more secure while expecting for things to fail, and embracing the chaos.