An action hero and Internet phenomenon, would Chuck Norris be a suitable role model in cybersecurity?
It's a pity that cybersecurity hardly has any popular heroes that everybody knows and who people can relate to. Could Chuck Norris, the legendary actor and martial arts expert, be that hero?
In his movies, Norris beats bad guys with ease, either with his legendary roundhouse kick, or by just staring them down. According to countless jokes and memes, Chuck Norris seems like the perfect character to protect IT assets.
In a dream world, you could hire Chuck Norris as your chief of information security. You would never have to worry about breaches; no-one would even dare to attack you. You could just declare who is your ally and send a warning to crooks: Leave us alone, before Chuck Norris finds you!
Moving a bit closer to reality, how about setting yourself another target: get your cybersecurity Chuck Norris approved.
What would this mean in practice? For starters, nothing too complicated or costly. A basic requirement for Chuck Norris approval is to make regular cyber security assessments of your IT assets. Which ones are under the greatest risk?
Good cyber hygiene helps a lot in reducing the most serious risks to your organization. For instance, proper control of access to sensitive data is a powerful method to prevent or identify breaches rapidly. Additionally, it pays off to know all devices that are connected to your network.
Oh, wait: Does Chuck Norris need cyber security?
Still, there's one major problem: Does Chuck Norris really care about cybersecurity? Well, I'm afraid not. He's got no use for it himself, and he would certainly not be motivated at all.
Thus, instead of dreaming of a digital super hero, Chuck Norris can inspire us to better understand what to protect, why, and how. For instance, consider this joke:
"To Chuck Norris, everything contains a vulnerability."
As everyone knows, there's no such thing as complete security. Known and unknown vulnerabilities lurk everywhere in software, hardware, networks etc. Chuck Norris doesn't have to care; he just looks at IT, and it admits all vulnerabilities and fixes them out of fear.
But do you know your most likely vulnerabilities, or where they would be most fatal? Prioritize and focus on protecting your crown jewels as well as possible. This saves a lot of pain and money.
"Chuck Norris doesn't need passwords to access your system, he simply types * and the system gives him access."
As nothing can hide from Chuck Norris, ensure you have better systems, and that your admins do not bypass security checks. Don't ever let anyone in your staff imagine being like Chuck Norris. Make sure nobody ever does what Facebook employees did a few years ago: they had a universal master password to access any user account using a form of Chuck Norris' name!
One characteristic feature in Chuck Norris is his tendency to bypass rules and take an unorthodox approach. This works as a good reminder in cyber defence as well. The attackers are ruthless, imaginative, and their only rule is to beat you.
When you consider your defensive measures, one should be regular testing of your systems from the attacker's point of view: how do you look like in the eyes of a perpetrator, what are the most valuable things someone wants to steal or damage, what unconventional ways could someone use to intrude your systems?
You could aim at getting a black belt in cybersecurity and become your own digital Chuck Norris. However, if you take inspiration from him, you must be careful to not become overconfident and be lulled into a false feeling of security. You must remain alert at all times. Remember, not even encryption is enough:
"Chuck Norris can read all encrypted data, because nothing can hide from Chuck Norris."
As the birthday of Chuck Norris comes, do you want to know more about how to qualify as black belt holder in cybersecurity? Ask me, and I will tell you more!