I spent last week out in San Francisco at REdeploy to learn about Resilience Engineering and what it means to build solid, sustainable infrastructures, organizations, and teams. This was the first conference of its type, and it did not disappoint.
While there was an incredible lineup of speakers, the real value, in my opinion, came from the engagement and discussions that took place after the on-stage talks. Not only did the speakers and attendees mingle at every break, but the conference organizers also hosted a speaker panel at the end of each day where attendees could ask questions, and the speakers themselves could discuss some of the themes presented throughout the day. I eagerly took advantage and sat down with a few people to find out what Security means for Resilience Engineering.
The Four Concepts of Resilience
First things first: What exactly is “Resilience Engineering?” This was defined multiple times during the event, but the best articulation came from Laura Maguire in her talk “Operating at the Edge of the Envelope.”
In this presentation, Laura outlined the four concepts of resilience — Rebound, Robustness, Graceful Extensibility, and Sustained Adaptability. The most important, in her view, is Sustained Adaptability — or the ability to manage the adaptive capacity of layered network systems to produce sustained adaptability over longer scales.
J. Paul Reed, co-organizer of the event and Managing Partner of Release Engineering Approaches, framed up his answer based on Laura’s definition:
“When you think about resilience engineering as sustained adaptive capacity or having a well of ability to adapt, which itself can be sustained over time, security fits nicely into that framing. The ability to adapt and especially that ability to adapt sustained over time, is really important when talking about security-in-the-wild, because the landscape of threats in security is always changing. The attacks and the bad actors are always adapting, so your people and systems need to be able to adapt with those evolving threats.”
Courtney Kissler, Vice President, Nike Digital Platform Engineering, and Scott Nasello, Director, Delivery Engineering at Columbia Sportswear, had their own opinions. Scott began thinking in the context of Resilient systems:
“Security is one of the many attributes of a functioning system. Resiliency and some of its practices enable us to converge on a higher level of security, just like higher levels of usability, just like higher levels of observability, just like higher levels of other things.”
Courtney spoke about the engineering principles core to Nike where security and privacy share number two position on the list:
“Essentially when I package up everything outside of features, I define all of that as resiliency. But really resiliency is a feature. It’s a feature your team and your business and your customers care about.
If you’re not building security in, think of privacy by design and security by design, then you’re going to have challenges and you’re probably going to have to do it anyway. In some cases, it can be more expensive and may not have everything that you’re looking for.
What you need to ask yourself is how can we prepare systems for inevitable surprises without ignoring real-world constraints? What mechanisms let a system manage the risk of brittleness?”
Engineering Principles Core to Nike — From Courtney Kissler’s Presentation at REdeploy
Creating a Culture of Security
So going back to Laura’s talk, “the interesting features of resilience can be difficult to detect and measure [because so many of them are cultural].” Security and Resiliency will only be a reality for those who understand how to adapt and those who accept security to build better applications.
It’s easy to set up a pipeline in order to push to production quickly, but if you aren’t integrating security into that function via config auditing or compliance testing, you can’t really deploy safely. Security doesn’t need to slow down business. The dev team can still work on their pipeline, but run other tools or processes in parallel to ensure compliance and better, safer deployments.
Pass It On
I cannot say loudly enough or often enough just how excited I am about what organizers J. Paul Reed and Mary Thengvall are doing. They are building a culture of engineers, enthusiasts, and business managers with a “think resilience first” philosophy. It’s starting to take root, and I could see its positive results manifesting in conversations at the event.
This community footing is a serious benefit for better, more flexible, reliable, and secure development. A culture focused on learning will encourage engineers everywhere to collaborate on more successful — more secure — applications. It will also discourage security pigeonholing that ends up being largely under-supported. A culture of security first just might (I say will) be the care that prevents future pain.
The Future Is Here
I don’t know whether your company is ready to hop on the “Resilience Engineering” wagon or not. What I do feel confident about is this: Whether it’s Resilience Engineering, Reliability Engineering, SecOps, or DevOps — change is here, and it will be part of your future.
We all have an invitation to get involved and help shape that future. This conference and its speakers represent a culture that is a little different from those of the past. The sooner all of us internalize these ideas, the sooner we can be part of the bigger vision that unfolds from it. I wrote this summary with the “security is part of resiliency” message in my mind, and I encourage you to internalize it as well.
Resilience Engineering is going to be an essential foundation of our industry’s future. Let’s start adapting the changes and working toward a happier, more secure future.
If you’d like to learn more about Resilience Engineering or sign up for updates on next year’s event, visit the REdeploy website or check out the collection of Resilience Engineering resources on GitHub.