Monthly Archives: June 2013

HBR: Defeat Hackers with Biomimicry

So, why post a link to an article about defending against hacking in a Business Analyst reading list? First, because it’s a really good article. Second, because there are some potential lessons that apply well beyond the field of information security.


“Barriers — be they cell walls, border walls, or firewalls — are at best a temporary imposition to an invader. In the same way that tightly controlled unicellular life eventually evolved into more open and distributed multi-cellular life, the rapid evolution of cyber threats has outpaced the evolution of defensive barriers. The lesson is simply that modern organizations should work under the basic assumption that almost anything electronic is now open source.”

“A full-spectrum approach favors generalized health over specialized defenses, and redundancy over efficiency. Organisms in nature, despite being constrained by resources, have evolved multiply-redundant layers of security.”

“Provided you want your organization to grow and innovate, you can’t reject technology altogether and you can’t wall yourself off from all threats. The best bet is to do what the most successful organisms on Earth do — accept the risk and adapt to the changes.”

From a business analysis perspective the take-away (for me) is that we should strive to define a more adaptable solution (be it a technological system or a process), even if it’s not the “best”, or most efficient, solution. That could be a very controversial suggestion, though, and I’m curious what others think.

Here is a link to the article: Defeat Hackers with Biomimicry

I came across the article originally through Bruce Schneier’s “Schneier on Security” blog, which I highly recommend.