Tapping Other Fields To Approach Security Differently

Earlier this month I joined Dustin Lehr on the Security Champions Podcast! I enjoyed our conversation, which covered adapting ideas from safety to security, empowering developers, influence, organizational change management, and more. It even included an old phrase I coined, that particularly resonated with Dustin:

“A security amateur knows how to secure things; a security professional knows when you don’t have to.”

Dustin has a full writeup on the Security Journey blog, and you can watch a video version of the podcast on YouTube or listen to it on your favorite podcast app!

Description

John joins the podcast to explore what it means to treat security like other mature safety disciplines. Drawing on safety science, economics, and hands-on AppSec experience, he shares a practical perspective on security as decision support and how empowering developers with the right time and tools leads to stronger security outcomes.