Jelle Niemantsverdriet joins us in this episode to discuss how the mindset around security is evolving, both from organisations and from professionals. My favourite takeaway is that security is on the same path as testing and becoming part of quality in software development.  Connect with Jelle Niemantsverdriet: https://www.linkedin.com/in/jelleniemantsverdriet  https://twitter.com/jelle_n  References: Digital Defense Report - https://www.microsoft.com/nl-nl/security/security-insider/microsoft-digital-defense-report-2023  Data Breach Investigations Report (DBIR) - https://www.verizon.com/business/resources/reports/dbir/?CMP=OOH_SMB_OTH_22222_MC_20200501_NA_NM20200079_00001 Sidney Dekker - https://sidneydekker.com  Kelly Shortridge - https://kellyshortridge.com/blog/ Chaos Engineering - https://www.securitychaoseng.com Full episode on YouTube ▶️ https://youtu.be/A7DS1KCw6dY Beyond Coding Podcast with ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠🎙Patrick Akil⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Powered by ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Xebia⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠!⁠⁠⁠⁠⁠⁠⁠⁠⁠! OUTLINE 00:00:00 - Intro 00:00:25 - Security is a matter of software quality 00:02:19 - Security way of working 00:04:37 - Professional pride 00:06:53 - Layers of defense, or excuse? 00:09:05 - The industrial revolution in IT 00:10:48 - Security as speciality 00:13:18 - Collaborating with the security department 00:14:29 - Building bridges 00:16:22 - Willingness to listen 00:19:29 - Scenario analysis workshops 00:21:01 - Unpredictable human behaviour 00:23:21 - Seemless and friction in security solutions 00:25:28 - Instant cake 00:26:38 - Red, blue and purple teaming 00:28:34 - Exploring the boundaries in AI 00:31:38 - Gamified security 00:32:46 - With risk comes reward 00:36:17 - Security costs vs. benefit 00:38:49 - Frequent password changes 00:41:20 - Verizon Data Breach Investigations Report 00:43:55 - Sidney Dekker - Human error doesn't exist 00:46:23 - Kelly Shortridge - Sensemaking 00:47:14 - Sharing knowledge around security