Conclusion

At a time when constantly evolving software and systems feel so vulnerable—fragile even—applying chaos engineering to information security feels not just apt but imperative. When applied in a security context, chaos engineering bears the potential to reveal valuable and objective information about systems security, allowing organizations to more verifiably ensure the stability and reliability of the systems on which they depend.

SCE—and even chaos engineering itself—is still an emerging and advancing set of practices, techniques, and toolsets. It’s true that the shift in mindset is going to be tough for a few organizations initially, especially for those clinging to a traditional security ethos. But if we begin to challenge our assumptions, cultivate collaboration rather than silos, and learn through experimentation, we are certain to make a profound impact on an industry that so desperately needs it.

In conclusion, it is our belief that organizations charged with building safe and performant systems will find the same value we have in applying SCE. We hope that you, the reader, will join us in building a community of practice and help advance the state of SCE.

Get Security Chaos Engineering now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.