Tech Debt Burndown Podcast Series 2 E2: Andy Ellis

Posted on Monday, Feb 13, 2023
Nick and Chris talk to Andy Ellis about using the right language with the business, and supporting how they manage risk.

Show Notes

Recording date: Feb 14, 2022

Download at Apple Podcasts, Google Podcasts, Spotify, iHeartRadio, Spreaker or wherever you get your podcasts.

“Stop calling it technical debt” - Andy Ellis

With intros over, Nick asks Andy about metrics, and Andy immediately responds by saying “stop calling it technical debt”. Executives have an understanding of ‘debt’, and it’s not a bad word for them, it’s what fuels everything around them. This leads into discussion of when’s the right time to ship software. Something unfinished might feel too early, but how else do you get feedback from users?

“Risk is the net present value of bad things happening in the future”

We then get into Andy’s model of deferred risk, and how that can drive a conversation about what to do now, and what to put off until later. This eventually takes us to talking about Dungeons and Dragons alignment charts, and how it’s good to have a diverse team who bring a variety of viewpoints.

Andy then gets into how people want to quantify risk, even though that's often impossible. There are, however, ways to position risks in a visualisation, which can help people reason about the range of risks they’re dealing with. When it comes to assigning resources to risk mitigation work, Andy runs through some approaches that have worked for him, which include ‘borrowing’ people to get things started then ‘giving them back’ to ensure that the effort is sustained. That brings us to our close, with Nick complaining about the knives in his house being dull, even though his son makes and sharpens knives…

Guests

Andy Ellis

Andy Ellis is the author of 1% Leadership. He is the Advisory CISO at Orca Security and the Operating Partner at YL Ventures, and is an advisor to several cyber security startups, including Vulcan, Uptycs, Grip, Perygee, Vendict, Valence, Piiano, and Eureka. He is the founder and CEO of Duha, a leadership development company that focuses on bringing training to people earlier in their careers, and is writing a book on leadership. Andy writes the Straight Up Security column for CSO Online.

Andy Ellis is a seasoned technology and business executive with deep expertise in security, managing risk, and leading an inclusive culture. A graduate of MIT and former US Air Force officer, Andy designed, built, and brought to market many of Akamai’s security products. His leadership helped propel the Fortune 1000 company from its start as a content delivery network into an industry powerhouse with a billion-dollar dedicated cybersecurity business. In his twenty-year tenure, Andy led Akamai’s information security organization from a single individual to a 90+ person team, over 40% of whom were women. In running Akamai’s security program, Andy designed systems, governed risk management, implemented policy, and supported go-to-market functions. Widely respected across the cybersecurity industry for his pragmatic approach to aligning security and business needs, Andy regularly speaks and writes on cybersecurity, leadership, diversity & inclusion, and decision-making.

Long active in internet policy and governance circles, Andy supported Akamai CEOs in roles on the NIAC and NSTAC, as well as directly served on the FCC’s Communications Security, Reliability, and Interoperability Council. A recognized thought leader on security issues, Andy has spoken at conferences like RSA and Business of Software, and lectured at the Harvard Kennedy School, Harvard Business School, Army War College, BC Law, and the MIT Sloan School.

Andy has received a wide variety of accolades, including the CSO Compass Award, Air Force Commendation Medal, Spirit of Disneyland Award, Wine Spectator Award of Excellence (for The Arlington Inn), and was the winner of the Sherman Oaks Galleria Spelling Bee. He was inducted into the CSO Hall of Fame in 2021.

He currently serves on Harvard University’s Visiting Committee to IT. After receiving a degree in computer science from MIT, Andy served as an officer in the United States Air Force with the 609th Information Warfare Squadron and the Electronic Systems Center.

Hosts

Chris Swan

Chris Swan is an Engineer at Atsign, building the Atsign Platform, an open source networking platform that is putting people in control of their data and removing the frictions and surveillance associated with today’s Internet.

He was previously a Fellow at DXC Technology where he held various CTO roles. Before that he held CTO and Director of R&D roles at Cohesive Networks, UBS, Capital SCF and Credit Suisse, where he worked on app servers, compute grids, security, mobile, cloud, networking and containers.

Chris is an InfoQ Editor writing about cloud, DevOps and security, and is a Dart Google Developer Expert (GDE). He’s a frequent speaker on supply chain security (SBOMs, SLSA and OpenSSF Scorecards), the Dart programming language and AI.

Nick Selby

Nick Selby is the founder and Managing Partner of EPSD, with a career spanning technology leadership, not-for-profit leadership, law enforcement, and cybersecurity. He serves on the board of directors of the National Child Protection Task Force, and the advisory board of Sightline Security.

He has held key executive roles at Evertas, Trail of Bits, 451 Research (now S&P Global Intelligence), and Paxos Trust. He served as Director of Cyber Intelligence and Investigations at the NYPD, and as both a paid and reserve Texas police detective specializing in investigations of child sexual abuse material and online investigations.

He is co-author of several books, including Cyber Attack Survival Manual, Blackhatonomics: An Inside Look at the Economics of Cybercrime, and In Context: Understanding Police Killings of Unarmed Civilians; he was technical editor of Investigating Internet Crimes: An Introduction to Solving Crimes in Cyberspace.