Session Name: "Never Walk Into A Place You Don't Know How To Walk Out Of" - What "Ronin" Teaches us about DevSecOps, Cloud and Agile
"Cloud… Agile…Containers…Serverless…DevOps… even DevSecOps, we, as technologists, managers, users and executives are deluged with “this is your cutting edge today” buzzwords, methodologies, frameworks and solutions – but what are you to do to make sense of them, let alone make the right choice that doesn’t send you down the wrong path or bankrupt your resource pool? It’s pretty bold to say, “it’s easier than you think,” but there’s at least some good resources, lessons learned, as well as some good examples to hold out that can be observed, adapted and adopted by teams and organizations if you’re up to the challenge.
But why do I bring up the John Frankenheimer film “Ronin”? It all boils down to a scene early in the film, as the team is coalescing in café, all but one in there is unfamiliar with the environment and has a full picture of what is about to go down. The anti-hero, Sam, utters a line after the meeting, after he reaches behind a box to retrieve his previously stashed weapon: “I never walk into a place I don't know how to walk out of”. However, many discussions with executives and other leadership take the form of the follow up question from the opposing character, Deirdre: “Then why would you get into that van?” – Sam: “You know the reason.”
We have to transform our organizations through the measured adoption of new technologies, or incur lasting technical debt, which bleeds across the organization to process debt, and leads to real debt, as more resources are expended to keep older systems running and operating, even though more cost and operationally efficient options exist. This talk will review the various stages required to successfully transform and modernize technical operations with an eye on the maturity levels and states of example organizations. I will discuss how to unify, often siloed teams and workstreams, as well as how to have meaningful conversations with business process owners and senior leadership to help build support and assist in marketing the change for success."
"Amélie E. Koran is currently the Senior Technology Advocate for Splunk and recently served as the Deputy Chief Information Officer and most recently as Chief Technology Officer for the U.S. Department of Health and Human Services, Office of the Inspector General. However, Amélie’s path prior to today took her the long way around − through multiple industry sectors, academia, and the public sector. Her professional experience includes time spent at The Walt Disney Company, Carnegie Mellon University’s CERT/CC, Mandiant, The World Bank, Constellation Energy (now Exelon) and The American Chemical Society. She began her time in the public sector as Lead Enterprise Security Architect for the U.S. Department of the Interior, eventually moving on to lead Continuous Diagnostics and Mitigation implementation for the U.S. Treasury Department. Amélie later spent time on a leadership development rotation as part of the President’s Management Council Fellowship serving the Federal CIO in supporting cybersecurity policy analysis and legislative review, where she took an active role in the government-wide Open Data Initiative and helped in giving “birth” to the United States Digital Service (USDS). She’s an ardent advocate for innovative approaches to hiring talent and rationally applying security strategies and technologies for the public and private sector.
In her free time she collects movie memorabilia, toys and LEGO sets and swims and bicycles for exercise and fun. She’s an avid motorcyclist, having ridden the Iron Butt 50CC Challenge in 2010 on her way to BlackHat and DEFCON. She volunteers at local security conferences, primarily BSides DC and BSides NoVA, but can also be seen at BSides Las Vegas and DEFCON as a Goon. She’s married to a wonderful spouse (also a techie) and became a recent parent to two precious kittens at the end of October. While working for Stan “The Man” Lee, she received her superhero nickname when helping move his personal comic book collection to the company vaults from his original home in the hills overlooking Hollywood. Her original foray into the Internet was in 1993, building one of the first 1000 websites ever, called the “Star Wars Multimedia Archive”, and then in 1996 built the preeminent film and television music website, SoundtrackNet, which she ran until 2012 when she sold it to focus more towards her main career. While she plays the drums, she’s not very good at them, but can at least keep time."