Coyote's Rules For Information Security Teams
Mar 2025I was revisiting Gen. Peter J. Schoomaker "Coyote's Rules" (page 13 of the PDF), and I thought it would be great to create a set of equally impactful rules for information security teams. I'm nowhere near the same level as Gen. Schoomaker, but I believe I did a solid job with the rules below.
Coyote's Rules for a "Special Operations" Information Security Team
- Stay Small, Move Fast
Be agile, adaptive, and decisive. Bureaucracy kills speed; execute with precision, delegate decisions, and empower team members to solve problems at the edge. - Think Like an Adversary
Anticipate threats, red team everything, and always stay one step ahead. - Win Through Influence, Not Mandates
Security succeeds when it’s embedded, not imposed. Make security easy and essential, not an obstacle. Good security integrates seamlessly into operations. - Simple is Secure
Complexity creates risk. Solve problems with the simplest, most effective approach. - Never Fight the Last War
Threats evolve. Challenge assumptions, innovate constantly, and stay ahead of the game.