What can IT security professionals learn from safety literature?
When airplanes crash, mines explode, or dams are breached, extensive public investigations usually follow. The immense human suffering caused by these accidents has led to serious work on understanding how and why they happen (and keep happening). It turns out that most accidents are not as straightforward as we would like to imagine them to be. Consequently, dealing with them effectively is not straightforward either: there is rarely, if ever, a single root cause one could "just fix". Can we use the lessons from these domains to deal better with issues in IT security? In this talk I will point to a new, emerging paradigm that looks at IT security as a system which should aim to be Resilient/Observable rather than Robust/Reliable, as Mario Platt put it so neatly, following in the footsteps of "Safety Differently" by Sidney Dekker, itself based on the work of Diane Vaughan, Charles Perrow, Barry Turner, and others.