Chapter 9. Security Chaos Engineering in the Wild
There is a growing community of security practitioners and organizations that are both advocating SCE and developing experiments through open source and other community initiatives. This chapter shares some of these stories from organizations that have successfully implemented security chaos experiments as a practice within their security programs.
Experience Report: The Existence of Order Through Chaos (UnitedHealth Group)
Authored by Aaron Rinehart
“Big things have small beginnings.”
T. E. Lawrence
UnitedHealth Group (UHG) and its technical service arm, Optum, provides healthcare products and insurance services to more than 85 million patients worldwide and is the largest U.S. health insurer.
As of February 1, 2023, UHG is ranked 11th on the 2022 Fortune Global 500 and has a market capitalization of $400.7 billion. The company is currently the world’s largest healthcare company by revenue and the largest insurance company by net premiums.
In 2018, while serving as the company’s chief security architect, UHG contained more than 380 business entities, operated globally, had annual revenue of $201 billion, and employed more than 270,000 employees worldwide.
The most prominent and difficult challenge that our organization faced at that time was incomplete technical documentation while conducting security architectural reviews. While we genuinely aspired to provide suitable security recommendations, we were never sure how accurate ...
Get Security Chaos Engineering now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
