#184 - Complexity is Killing Us

In this episode of CISO Tradecraft, host G Mark Hardy explores the challenges complexity introduces to cybersecurity, debunking the myth that more complex systems are inherently more secure. Through examples ranging from IT support issues to the intricacies of developing a web application with Kubernetes, the discussion highlights how complexity can obscure vulnerabilities, increase maintenance costs, and expand the attack surface. The episode also offers strategies to tackle complexity, including standardization, minimization, automation, and feedback-driven improvements, aiming to guide cybersecurity leaders toward more effective and less complex security practices. Transcripts: https://docs.google.com/document/d/1J0rPr0HxULpeVJMIwXKXqHuCfnXn4gDu Chapters  00:00 Introduction 01:03 The Misconception of Complexity in Cybersecurity 02:41 Real-World Complexities and Their Impact on IT 10:06 Simplifying Cybersecurity: Strategies and Solutions 14:48 Conclusion: Embracing Simplicity in Cybersecurity