What can popular movies, TV shows, books, or video games teach us about cyber security? Maybe nothing, maybe everything. Join me to see if your favorite guilty pleasures can uncover any cyber security insights you’d never have expected, starting with The Walking Dead.
If you fall into the typical security/technology geek stereotype (of which I consider myself a proud member), you’ve probably already heard of The Walking Dead (#TWD). If you’re one of the few who haven’t, TWD was first a comic book series, and is now a popular television series chronicling the journey of a small town sheriff as he tries to locate his family and survive a zombie apocalypse.
So what does TWD have to do with information security (infosec)? On the surface, absolutely nothing!
Sure, I could say something about how botnet-infected computers are a lot like their namesake—zombies. Or, maybe how the evil-intentioned humans in TWD act similarly to malicious cyber actors. But, the truth is infosec plays no direct role in this popular zombie series. In fact, considering electrical power is hard to come by in apocalyptic situations, computers play almost no role at all.
That said, TWD—like all good apocalypse fiction—is all about surviving a threat-infested, risky environment. Because of this, the series naturally explores different strategies and tactics its characters employ to survive their hazardous surroundings. And as much as I love the Internet, what is it, if not a hazardous and risky environment?
In this article, I hope to draw parallels between some of the zombie apocalypse survival tips we learn about in TWD’s fictional world and cyber security strategies you can implement to protect your organization in the real world. So let’s dive in with the eight cyber security tips I learned from TWD.
1. Perimeters matter – One of the first things any character does in a zombie apocalypse is find or setup some perimeter of protection. Whether it’s shacking up in Morgan’s old house, hiding in Dale’s RV, defending Hershel’s farm, fortifying the prison, or (comic-based spoiler alert) walling off the town of Alexandria, zombie survivors need a safe place where they can let their guard down and rest.
This tip still holds true for cyber security. While our work habits and technologies have evolved, allowing us to work from many places, and changing our traditional perimeter, our headquarters and data centers will never go away. Servers—physical, virtual, or otherwise—have to live somewhere, and you will have to create a perimeter of defense to protect them. Sure, your full security strategy also has to account for mobile and external resources, but you don’t go tearing down your walls just because you have an away team.
2. Living, not surviving, is what’s important – Many first-time zombie survivors make the mistake of thinking that defending themselves against “walkers” is the most important part of their day. However, the TWD survivors quickly learn that for long-term survival, you need to concern yourself with normal living. You must eat, rest, exercise, think and find a way to relax or unwind—in other words, normal human business.
This rings true for business infosec as well. Just change the statement to, “business, not security, is what’s important.”