What can the Jackass films teach us about cybersecurity?
I’ve long been fascinated by people who have the ability to make any current event or piece of popular culture seem like it’s relevant to cybersecurity for the sake of generating Linkedin content. They do it with football scores, politics, births, deaths, movie releases, TV show finales, pictures of food, memes, climate change, fathers’ day, mothers’ day, international hat day, international steam train day, international day of international days and pictures of cute dogs.
It’s very annoying.
To entertain myself I decided to take the idea to the logical extreme and try to make a tenuous link between cybersecurity and the Jackass film franchise. Maybe this blog post should be called “How you can make a tedious connection between cybersecurity and literally anything”.
So what can the Jackass films teach us about cybersecurity?
Nothing. Obviously. But let’s try to infer some lessons anyway.
Lesson 1 - Risk Acceptance
If you haven’t seen the Jackass films, the premise is simple. A group of people do a series of stupid, dangerous and obscene stunts.
I would not do any of those stunts because they are too dangerous. You would not do any of those stunts because they are too dangerous. The TV show got cancelled because the stunts were too dangerous.
And yet, the Jackass movies have made $571m at the box office worldwide.
Everyone told the cast that what they were doing was dangerous. They knew it was dangerous. But they did it anyway. And they were hugely successful.
Here comes the tenuous link to cybersecurity: risk acceptance works in exactly the same way. As a cybersecurity professional, you can tell people that something is stupid and dangerous, but sometimes they will still do it.
Sometimes it will be a success and sometimes it will blow up in their face. The best you can do is give advice and try to make it less dangerous.
Lesson 2 - Resilience is important
It stands to reason that dangerous stunts result in significant pain. If your job involves being hit with solid objects, jumping off high things and licking mousetraps, pain is part of the package. But the Jackass cast are resilient. After suffering unpleasant injuries, they get up and carry on.
Here comes tenuous link number two: cybersecurity is exactly the same.
Well, not exactly the same. Because cybersecurity involves more wrestling with spreadsheets than with live crocodiles. But it is similar - resilience is essential.
Every organisation will be attacked. Almost every organisation will be breached. Having plans in place to keep critical processes running while you recover is vital. It’s not enough to think about what you can do to prevent breaches, you must also think about how you will respond when a breach happens.
Lesson 3 - Don’t take it too seriously
The philosopher Aristotle said: ‘The aim of the wise is not to secure pleasure, but to avoid pain.’
The philosopher Steve-O said: ‘If leeches are that great at healing, let’s see what they can do for my eyeball.
There are two ways you can approach pain; you can be angry about it or you can laugh. Either way, it hurts.
Our final tenuous link: taking cybersecurity too seriously doesn’t make it any less painful.
Physical pain may not be a regular part of cybersecurity and it is my sincere hope that nobody reading this article, or anyone working in cybersecurity more generally, will be dropped on their head or bitten by a snake. But there are still times when a sense of humour can help.
Cybersecurity can be intense. Things go wrong. Breaches happen. Burnout is a serious problem. But cybersecurity is very rarely a matter of life and death, so we shouldn’t act like it is.
I started writing this blog to amuse myself and to prove that you can find “lessons” for cybersecurity from literally anything if you try hard enough. To my surprise it actually makes sense and, without being arrogant, it’s probably the most interesting thing anyone has ever written about cybersecurity.
So let’s learn from Jackass - accept that cybersecurity comes with risk, be resilient and have a sense of humour. And if someone asks you to walk on a tightrope over a pit of alligators wearing nothing but a jock strap, ask them to go first….