Branden R. Williams, Business Security Specialist » Where is your Chaos Monkey?.
Branden Williams discusses applying the Chaos Monkey to information security.
We need more of the semi-controlled security events to keep our employees fresh and ready for the uncontrolled ones coming from the outside. Our version of the Chaos Monkey could do things like:
- Interrupt backup routines
- Phish employees
- Hijack caller-id and place “trusted calls from IT” to unsuspecting users
- Forward requests to common sites to look-alikes to see if employees are fooled
- Pop up bad certificate errors
- Offer new software packages as “security patches”
What features would you add into the chaos monkey?
The goal is improve the organization’s IT resilience. Incidents are inevitable. The question is, how will the organization respond? Practice will improve response.
