Three Lessons for Security Professionals: Be a Donkey!

Security Professionals: Be a Donkey!

How being a donkey can help you succeed in your daily work.

The donkey is considered to be a stupid animal in most of the western world. Actually, we might be pretty wrong about our current believes. As security professionals, we can definitely learn something from these friendly-looking creatures.

1) Learn Quickly

We have a Dutch saying A donkey does not bump into the same stone twice”. The thought is that if you make the same mistake twice, you are stupid. If we reverse this though: the donkey is actually smart. It quickly learns from experiences and tries to avoid making mistakes over and over. This is one of the areas in which donkeys are much smarter than most animals, including humans.

As security professionals, we tend to be busy all day. We have to deal with a lot of information, resistance, and politics. On top of that, we have end-users which don’t want to comply with security policies, including system administrators, developers, and even upper management.

Lesson

What we can learn from our furry friends is that we should adapt more quickly to our environment and learn from mistakes made in the past.

2) Fight or Flight

The donkey is a versatile animal, helping the human for centuries to transport, plowing land and actually protecting sheep against predators. It has a very logical way of thinking, in that it will fight or fly. It does not hesitate and makes quickly a decision on the current circumstances.

As security professionals, we are sometimes trapped between hidden agendas and different beliefs. Instead of clearly making a decision, we hide behind e-mail and policies.

Lesson

The behavior of the donkey is similar to the fight-or-flight mechanisms we humans had in the past. Nowadays we have too many choices,beliefs and internal company politics. Instead, we should quicker decide if we fight a situation or choose to step out, and let the person with the right authority make a decision.

3) Weaknesses

Donkeys have a weakness, which is the lack of being waterproof. This makes them vulnerable for rain and cold. The donkey knows this and needs a place to take shelter and keep itself protected against mother nature.

As security professionals, we have each our weaknesses. Unfortunately, most of the times we forget about this, especially when answering (difficult) questions from colleagues or customers. Too often we want to stay outside and answer everything, instead of taking shelter. It makes us vulnerable, possibly even annoying.

Lesson

What we can learn from this example is that we should go back to a safe haven, especially when we don’t know. We also should involve other specialists, instead of battling alone.

Image of a donkey learning a new trick

Like humans, the donkey has to learn by doing.

Conclusion

Donkeys are not stupid, but a little bit stubborn and cautious (like us). Yet they can be very flexible, and take action when required. We should adopt their flexibility, to get our work done. Learn from questions, cases, and mistakes from the past.

We also should know our personal weaknesses, and accept help from others when needed. Last but not least, information security is about protecting assets and knowing risks. We should sooner make decisions and decide to fight, or flight. This way we ensure our efforts are helping the company and business. After all, security is not just a price tag to protect the business, but also to stay in business.

Lynis Enterprise

Lynis Enterprise screenshot to help with system hardening

This blog post is part of our Linux security series and the mission to get Linux and Unix-based systems more secure.

Does system hardening take a lot of time, or do you have any compliance in your company? Have a look at Lynis Enterprise.

Or start today with the open source security scanner Lynis (GitHub)


Leave a Reply

Your email address will not be published. Required fields are marked *