just culture and improving over failure

You might not agree with it, but it’s worth reading and digesting Rich Mogull’s post “The Security Profession Needs to Adopt Just Culture.” I like the concept; it’s not really all that foreign when you look at it.
While the examples of healthcare and aviation deals with a) human life, b) involves actual adversaries, and b) fairly closed systems where you don’t necessarily get widespread public outcry, it’s still a good rule to live by in a career. This works a little better, also, when talking about individuals in a system, rather than a system (Twitter) within an ecosystem (the Internet? or company+users?).

Besides, this is really an extension of avoiding a risk-averse workforce that is ruled by fear of failure, rather than learning from failures.

At any rate, good post and thoughts, as usual!

Leave a Reply

Your email address will not be published. Required fields are marked *