6. Donít be a jerk! Ė Every zombie apocalypse story has that guy. The antisocial, disagreeable jerk who just continues to bicker and bring the group down. This guy is a lightning rod for disaster and tragedy. For instance, remember Carolís abusive husband, Ed? His bad decisions put the group, and ultimately himself, in harmís way.
Donít be that guy at your organization! Cyber security has risen in prominence the last few years. Itís left the LAN room closet and entered the business mainstream, and even the boardroom. Whether itís educating users, helping HR, or campaigning for an increased budget, good infosec professionals should find themselves interacting with people from other departments more often. Unfortunately, technical security experts have the reputation as sometimes coming off as cynical know-it-alls, who just impose draconian rules for no perceivable reason. Donít be that guy.
Gaining allies rather than enemies is often more about how you communicate, not necessarily what you communicate. If you take the time to listen to your co-workers, educate with patience, and communicate in a friendly manner, maybe the next time you have to impose a new security policy, your co-workers will recognize it for the well-intentioned security strategy it is, rather than interpreting it as a heavy-handed roadblock. Furthermore, if you spend time making friends rather than enemies, you might find the purse strings a bit looser the next time you need budget for some new security project.
7. Malevolent humans are scarier than zombies Ė In my opinion, TWD isnít a story about zombies, itís a story exploring human sociology in extreme situations. While you may think zombies are the biggest threat at first, you quickly realize that humans whoíve suddenly risen to positions of power can be much more evil, and less predictable, than any walker. Case in point; The Governor (need I say more?).
Now just imagine the walkers as automated, opportunistic cyber threats (such as botnets, worms, and viruses), and imagine the evil human characters as the advanced human attackers targeting our companies today, and you have the same situation. The latter concerns me much more than the former.
The tip here is, spend more of your time and money trying to defend against advanced targeted attackers. In the end, any security solution that protects against the more sophisticated attacks dreamed up by human hackers will easily block your run-of-the-mill automated attacks as well.
8. Security is all about trust Ė One of the biggest lessons TWD characters learn time and time again in the series is to be careful whom they trust. Meeting new people in this fictional apocalyptic environment is dangerous. Strangers can either be for you or against youótheyíre rarely neutral. You have to quickly figure out who you can trust, in order to set your proper guard. Thatís why Rick designed a three-question test to quickly assess new people: How many walkers have you killed? How many humans have you killed? Why?
Information security is also all about trust. Really, our whole job as infosec professionals deconstructs down to:
- Figuring out who our organization trusts (and how much they trust them); then
- Finding what data our organization values, and trying to limit access to that data to those we trust enough.