No Silver Bullet – Essence and Accident in Cyber Resiliency Engineering

Cybersecurity incidents and failures impact critical public infrastructure, national defense, corporate economic interests, and personal privacy. As the magnitude and frequency of cyber events continues to escalate, vendors and agencies are desperately seeking solutions to solve this issue once and for all. In the 1980’s the software development industry was facing similar challenges. That crisis prompted Frederick Brooks to write his iconic paper “No Silver Bullet – Essence and Accident in Software Engineering.” The solutions and technologies detailed in that paper are eerily similar to the “breakthrough” solutions currently proposed for cyber. This presentation examines the “Silver Bullets” of cybersecurity, lessons we can learn from that parallel history, and the essence of challenges that confront modern security practitioners. Teresa Merklin is a Fellow at Lockheed Martin where she specializes in Cyber Risk Assessment and Engineering for Cyber Resiliency. She is currently attached to the Aeronautics Cyber Range which performs cyber assessment and penetration testing across the complete portfolio of Lockheed Martin aircraft and related systems. She has 30+ years of career experience starting out in embedded software development which slowly morphed into cybersecurity over time. Teresa holds a BSEE from Oklahoma State University, a Masters of Software Engineering from Texas Christian University, and an MBA from the University of Dallas. She holds the CISSP and CSSLP certifications.