Cybersecurity at the Movies: Zombieland
Cybersecurity at the movies is a series of blogs in which I take a light-hearted look at cybersecurity through the lens of pop culture.
My friend and colleague James McQuiggan recently told me he’d listened to Walt Disney CEO’s Bob Iger’s audiobook and took away lessons that he could apply to cybersecurity.
Not wanting to be outdone, I took it upon myself to take pearls of wisdom from a thinker, and apply them to cybersecurity.
In my case, those pearls of wisdom came from Jesse Eisenberg’s character Columbus from the movie Zombieland. In the movie, the world is overrun by zombies with only a few survivors — Columbus comes up with his own set of rules to stay alive. Let’s delve into them and see how we too can survive in a world overrun by cyber threats.
Cardio
Cardio is immensely useful when running away from zombies. Equally important is understanding that cybersecurity is a marathon, not a sprint. Burnout is very much a real occurrence among cybersecurity professionals, so it’s important to pace yourself and stay for the long haul.
Double Tap
Double tapping is all about assurance. It’s to not sit back and be content just because you have rolled out a project and it’s officially completed. Go back and double check your controls — obtain the assurance that things are working as they were designed to. A little bit of extra effort early on can save a lot of effort in the long run.
Beware of Bathrooms
It can be easy to become complacent in comfortable or familiar scenarios. But those are precisely the times when bad actors will look to strike. It’s how malware evades endpoint protection or how operating slowly can avoid triggering alerts. It’s even why phishing works so well.
Seatbelts
No matter how good of a driver you are, or how safe the journey appears, you can never guarantee an accident won’t happen. In the realm of technology, having an incident response plan is your equivalent to having a seatbelt. You hope that you won’t need it, but in the event of an incident, you’ll be glad you have it.
The Buddy System
Whether it be segregation of duties or having someone check your code before it’s pushed to production, working in pairs, or as a team is always far more beneficial than trying to be a lone wolf.
When in Doubt, Know Your Way Out
This rule probably applies best to relationships with third parties, vendors, and partners. No relationship will last forever, and it’s important to have an exit strategy for business or commercial reasons. The worst thing an organisation can do in this day and age is to embed themselves so deep with a partner that they cannot leave the relationship.
Enjoy the Little Things
This is perhaps my favourite rule when it comes to cybersecurity. All too often, it can be easy to despair or worry about the big threats looming on the horizon. But sometimes you need to sit back and appreciate all the progress the industry has made and all the positive changes you’ve made to your organisation.
These rules kept our protagonists alive in Zombieland, so maybe there’s something we can learn from them to help keep us alive in cyber land.
*** This is a Security Bloggers Network syndicated blog from Javvad Malik authored by j4vv4d. Read the original post at: http://feedproxy.google.com/~r/J4vv4d/~3/djEeTdGMSDs/
