by Gene Kim on
Dr. Whitfield Diffie
Mary Ann Davidson, CSO, Oracle
@MissAuricomous: Why do people put the empty mentos wrappers back in the bowl? #aisa #thebigissues
Next up: Bryan Sartin: Director Investigative Response, Verizon Business
Director of Security, Google Enterprise
It is an incredible feat to make what Google does (which is so exciting), so entirely deadly boring....
I'm so bored.
i.e., Variance -> risk. RT @jdalessa: EranF: Homogeneity is good for security because outliers (malware, etc.) stick out. #aisa
@halans: Feigenbaum: "Google has 300 people in their security team"
(Repetition creates mastery) Feigenbaum: "At least once per year, run a drill of security incident as if security breach happened"
Feigenbaum: "Google Apps reliability: 99.984% in 2010, 99.99% in 2011; zero scheduled maintenance; 46x more reliable than Exchange"
@halans: "Who Has Your Back?" Corporate Transparency About Government Demands for User Information #aisa https://t.co/i1Qxo9nh
Feigenbaum: "Google first to prove that SSL was more than just for login screens"
Feigenbaum: "I get this call weekly: 'My gmail acct just got broken into. Please help me.' Problems: is it the real acct owner?
Consistent themes are startling/exciting! @jdalessa: "Never unconsciously pass defects downstream. Better coding: Davidson/Diffie"
@jdalessa: GeneKim: Define the work and make it visible.
@VS_: “With a click of a button build entire systems. Build in parallel entire dev, test, and run environment.” @RealGeneKim at #AISA
@jdalessa: GeneKim: Change the agile sprint policy. At the end of a sprint have the code and the enviro it runs in.
@VS_: “Learnings from run environment need to be fed back to the devs; feedback loop a must.” @RealGeneKim at #AISA
@halans: Rapid fire DevOps preso by @RealGeneKim #aisa http://t.co/GftBVcRA
@halans: Andon cord pulled 100x a day at Toyota
@VS_: “Properly managed handover from Devs to Ops required to prevent fragile environment.” @RealGeneKim at #AISA
@Steve_Lockstep: Just arrived at #aisa. First slide I see of Gene Kim's is worryingly like TQM. Let's see where this goes ... But #qualityisdead
@halans: "We found that when we woke up developers at 2am, defects got fixed faster than ever" P. Lightbody
@jdalessa: GeneKim: Embed developers into IT Ops, more knowledge sharing, more transparency, more accountability.
@jdalessa: GeneKim: by embedding dev in ops defects are fixed faster, feedback loops are closed, soloing drops off. Culture changes.
@VS_: “Create a culture that encourages constant experimentation and learning from failure.” @RealGeneKim at #AISA
@jdalessa: GeneKim: Repetition is a prerequisite to mastery.
@jdalessa: GeneKim: in order to survive failure, we have to fail often - Netflix
@VS_: “Netflix Chaos Monkey by @adrianco mentioned. Loud expressions of disbelief and ‘Whaaat?’ heard in the audience.” @RealGeneKim at #AISA
RT @VS_: “Netflix Chaos Monkey: @adrianco cited. Loud expr of disbelief and ‘Whaaat?’ heard in the audience.” @RealGeneKim at #AISA
@jdalessa: GeneKim: Anyplace we can fail, prior to our customers experiencing a failure of ours, is a positive dev environment.
@halans: Netflix Chaos Monkey Released Into The Wild #aisa http://t.co/Z8rQHTVI
@jdalessa: GeneKim: Allocate 20% of your cycles on IT debt reduction - Marty Cagan, eBay
RT @VS_: “20% cycles to reduce technical debt continually or spend all ur time reducing it” @RealGeneKim at #AISA
@VS_: “End result of Rugged Ops: winning all around.” @RealGeneKim at #AISA
@VS_: “In almost every organisation where departments are segregated: dev, ops, security, … failure is imminent.” @RealGeneKim at #AISA
@jdalessa: GeneKim: When people feel trapped in a system where failure is preordained, we suffer as people. IT waste has a flow on effect. #aisa
@jdalessa: GeneKim: More from Gene http://t.co/HXPEdLmm and IT Revolution Press
Thanks everyone! For slides, "Top 11 Things You Need To Know About DevOps," resources, go to http://www.instantcustomer.com/go/75894
A Manifesto For Cyber Security
Alastair MacWillson, Chair, Institute of Information Security Professionals, Global Managing Partner Security Practice, Accenture
Haha. "Immoral! Irresponsible!" :) @x509v3: @RealGeneKim @VS_ @adrianco I got the same reaction in a room full of auditors too :)