Resilience, Speed, and Unexpected Threat Models

Last Sunday, I learned an important lesson about risk management the hard way—when my wife accidentally ran over my foot while peeling out of the driveway.

Here’s the thing: I knew the car was moving, I knew I was standing too close, and yet, I still failed to account for the exact way things could go wrong. Sound familiar?

In DevSecOps, I talk a lot about shifting left, automating security, and baking resilience into our systems. But sometimes, it’s the unexpected attack vectors—the human errors, the miscalculations, the “that would never happen” scenarios—that hurt the most.

• Speed without safety is a risk multiplier. Just like a rushed deploy, a quick getaway can have unintended consequences. I am just glad she didn't run over my foot halfway and stop with my foot still under.
• Threat modeling is only as good as the assumptions behind it. I assumed she knew I had the door open and was not buckled in the backseat, and she could see me in her rear view mirror. I wasn't aware one foot was in the danger zone.
• Resilience matters. My foot (and our systems) need to be built to withstand occasional failures. I wasn't able to play basketball that evening, but I was able to play Monday and Tuesday night.