I came across this humorous little collection of life saving aviation quotes. As a pilot, it’s good to have these little quips tucked away for when things move away from straight and level. A good friend of mine pointed out that he often used one of these quotes in InfoSec-related keynotes he gave, and I thought I’d share some here with InfoSec commentary!
- Aviate, Navigate, Communicate. When the proverbial crap his the fan, information security professionals may be the key to keeping a company safe (or the catalyst to a bad situation) from a data loss. As a pilot, when things go wrong you have to remember to fly the plane, navigate it to a safe place, and tell controllers about your problem. In information security, you need to remember that the business still has to operate, you still need to serve your customers, and you need to do all of this while you are containing the situation and rapidly recovering to a known-good state.
- Flying, like life, is full of precluded possibilities. Can’t do… won’t do… shouldn’t do… This one is a toughie for information security professionals today. While you probably have your list of Can’ts, Won’ts, and Shouldn’ts, you also need to have your backup list of Cans, Wills, and Shoulds. If the business comes to you for help with a big revenue opportunity and you say no, you can guarantee that you will be removed from the equation. Shadow IT is a thing, and its up to InfoSec and IT pros to prevent it from happening. Like Smokey the Bear says, “Only you can prevent
forest firesshadow IT!”
- It’s better to be on the ground wishing you were the air, than in the air wishing you were on the ground. Every pilot has faced this at some point in the form of marginal weather, inaccurate forecasts, or heavy traffic. As an add-on to the previous quote, providing solutions that don’t ultimately get used by the business may still create Shadow IT, but it should, in theory, highlight key issues and risks at a high enough level for an appropriate risk decision to be made. In theory.
- Never let an airplane take you somewhere your brain didn’t get to five minutes earlier. I think InfoSec professionals are typically pretty good at avoiding this trap. Don’t let things happen without having a working understanding of the long-reaching effects of those actions.
I hope you enjoy these and all the other ones. Put your favorites in the comments below!