EP 101: SDP 3 Economy of Mechanism
- S2E101
- 23:58
- July 21st 2023
https://www.yourcyberpath.com/101/
In this short episode, we are back discussing the Security Design Principles, with the third principle, Economy of Mechanism.
Jason and Kip explain the principle of Economy of Mechanism and how to apply it in your career as a cybersecurity professional without falling into the trap of overcomplicating things and, most importantly, while staying within the limits of your budget.
You should always keep things simple and practical, and focus on providing value instead of following tedious, complex processes.
Economy of Mechanism can be summed up as follows: “You don’t want to build a $100,000 fence to protect a $1000 horse.” Context is everything here: you need to understand what you are protecting and how your protections should be relevant to it.
What You’ll Learn
● What is the Economy of Mechanism?
● What happens when you overcomplicate technical controls?
● What are some examples of Economy of Mechanism?
Relevant Websites For This Episode
● https://www.yourcyberpath.com/
● https://www.udemy.com/course/irresistible-cybersecurity/
● https://www.yourcyberpath.com/ask/
Other Relevant Episodes
● Episode 94 - Ten Security Design Principles (SDP)
Your Cyber Path: How to Get Your Dream Cybersecurity Job
The Your Cyber Path podcast is designed to help you find out what it takes to get your dream cybersecurity job (from the hiring managers' perspective). After all, it is the hiring manager you need to impress in order to land your dream role. Stop wondering what the hiring manager is thinking, and learn firsthand from our team of professional cybersecurity hiring managers who can help you cut through the process and understand what it takes to get hired these days.
Meet the Hosts
Jason Dion is a former college professor and the lead instructor at Dion Training Solutions. He has multiple information technology professional certifications, including Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Network Defense Architect (CNDA), Digital Forensic Examiner (DFE), Digital Media Collector (DMC), CySA+, Security+, Network+, A+, PRINCE2 Practitioner, and ITIL. With networking experience dating back to 1992, Jason has been a network engineer, Deputy Director of a Network Operations Center, and an Information Systems Officer for large organizations around the globe.
Kip Boyle is a husband, dad, entrepreneur, and experienced cyber risk manager. He founded Cyber Risk Opportunities LLC in 2015 after 7 years as the CISO of PEMCO Insurance in Seattle. As a captain on active duty in the US Air Force, he served in the Combat Archer and F-22 Stealth Fighter programs, where he was the director of enterprise network security. These days, he serves as virtual chief information security officer for many customers, including a professional sports team and fast-growing FinTech and AdTech companies. Over the years, Kip has built teams by interviewing hundreds of cybersecurity professionals. And now, he’s sharing his insider’s perspective with you!