Embed Notice

One of the complexities of thinking about resilience in an adversarial space like security is that we don't have cross-domain models with the same kind of structural utility — our intellectual peers are either scared 19 year olds trying not to get shot, their commanders who are trying to define behavior at scale via rigid rules to be executed by those scared kids, sociopaths in the business world who confuse ego and luck, spooks and criminals who can't or won't talk about their work, or football players with concussions.

There are models out there, but it's much harder to glean useful frames. Thankfully, we can lean heavily on work in the larger resilience engineering community.

[And yes, I, working in a field so young as to barely deserve the name, am absolutely selling everyone named above short, but hopefully even-handedly]