Episode Summary

Jon-Anthoney de Boer is the Product Security Lead at Transmax, overseeing security for critical infrastructure that manages traffic flow across Australia. Coming from a strong software engineering background, Jon-Anthoney shares his experience transitioning from traditional engineering into product and application security. He highlights the importance of aligning software engineering and security teams, building trust into the software development lifecycle, and fostering a security culture based on practical strategy rather than superficial metrics. Jon-Anthoney also discusses how behavioural change, organisational alignment, and operational excellence are key to achieving effective, sustainable security outcomes.

Timestamps

00:32 - Jon-Anthoney’s journey from electrical engineering to product security

05:08 - Transitioning from software craftsmanship to cybersecurity

09:30 - Why aligned incentives between engineering and security teams matter

12:22 - Goodhart's Law: pitfalls of security metrics

18:21 - Rethinking cybersecurity strategies beyond tools and compliance

25:12 - Building observability into the secure software development lifecycle

32:35 - Why executive support is crucial for security initiatives

38:34 - Operational excellence: removing waste from security processes

Mentioned in this episode:

Call for Feedback

This podcast uses the following third-party services for analysis:

Podtrac - https://analytics.podtrac.com/privacy-policy-gdrp
Spotify Ad Analytics - https://www.spotify.com/us/legal/ad-analytics-privacy-policy/