Cybernetics for Cybersecurity: Glenn Wilson (Part 1)

This week’s newsletter captures my reflections and the key insights from Part 1 of my podcast with Glenn Wilson, founder/CTO of Dynaminet and the author of a book on DevSecOps.

Glenn and I discuss about applying systems thinking and cybernetics - especially Stafford Beer’s Viable System Model (VSM) to cybersecurity.

Glenn traces his path from language studies and market research into software leadership and security, influenced by Deming, Meadows, Ackoff, Beer, Ashby, Wiener, and John Boyd. He argues cybersecurity outcomes are deteriorating (more breaches, rising costs, ransomware, and supply-chain issues) because the industry lacks a systemic worldview, blames individuals, with compliance driving scan-and-score practices that flood teams with vulnerabilities and false positives, creating friction between security and developers.

The discussion critiques command-and-control governance, emphasizes communication/feedback loops, autonomy with cohesion, requisite variety, and draws safety analogies showing how redesigning systems can improve both flow and security.

A MUST WATCH for Cybersecurity executives and practitioners!

Members of the Cyb3rSyn Community can watch/discuss the podcast episode on the www.cyb3rsynlabs.com portal or the mobile app (iOS and Android). The video is also on YouTube here 👇🏾

Let's face it: as an industry, we are failing at cybersecurity. Data breaches are rising, ransomware is rampant, and the financial and customer impacts of incidents continue to skyrocket. Why does it feel like the attackers are always winning?

It was a delight to chat with a fellow cybersecurity practitioner who also takes a multidisciplinary approach for cybersecurity - rooted in systems thinking and cybernetics.

Glenn has a draft paper around this topic - please reach out to him directly if you are interested in getting a sneak preview. We discuss the Viable Systems Model (VSM) in this episode, which we’ve also covered at length in a previous newsletter post. Feel free to checkout that post before reading this one.

Here are the key takeaways and my reflections from the conversation.