Published Feb 14, 2024

Quality Code, Safer World: Rethinking Security in Software Development | Beyond Coding Podcast #144

Explore the evolution of security in software development as Patrick Akil and Jelle Niemantsverdriet delve into innovative strategies for integrating security roles into software teams, building user-friendly systems, and reshaping security practices to enhance resilience and trust.
Episode Highlights
Beyond Coding Podcast logo

Popular Clips

Episode Highlights

  • Trust Building

    Building trust within teams and across departments is crucial for creating a secure and resilient organizational environment. and discuss the importance of professional pride and ownership in fostering trust, emphasizing that security should be seen as a broader trust topic rather than just a technical issue 1. suggests that organizations should focus on building bridges between teams through scenario analysis workshops, which can help identify critical systems and foster collaboration 2. He notes, "You start to see this little sort of snowball to the organization, because then, of course, there's also going to be, maybe you start to have this with one team, and then maybe by the time you schedule the second set of interviews, they already say, like, oh, yeah, I've been speaking to so and so from the first team, and they liked it, or they learned something."

       

    Empowering Safety

    Shifting away from compliance-centric approaches to empowering individuals is key to enhancing safety and security. highlights the work of , who argues that human error is often a systemic issue rather than an individual failing 3. Decker's approach suggests that empowering people with the right knowledge at the right time can lead to better safety outcomes. also stresses the importance of understanding how people interact with systems, advocating for "people awareness for security" rather than just security awareness 4. He states, "We don't need security awareness for people. We need people awareness for security."

       

    Challenging Norms

    Challenging established security norms is essential for adapting to the evolving technological landscape. and discuss the need to reassess outdated security practices, such as frequent password changes, which research shows may not enhance security 5. They emphasize the importance of questioning long-standing practices and integrating new, more effective security measures. also introduces the concept of the "Ikea effect," suggesting that involving people in the security process can increase their investment and care for the system 6. He explains, "Sometimes it could also be useful to build in some friction at the right places."

Related Episodes