Coyote's Rules For Information Security Teams

Mar 2025

I was revisiting Gen. Peter J. Schoomaker "Coyote's Rules" (page 13 of the PDF), and I thought it would be great to create a set of equally impactful rules for information security teams. I'm nowhere near the same level as Gen. Schoomaker, but I believe I did a solid job with the rules below.

Coyote's Rules for a "Special Operations" Information Security Team

  1. Act Without Waiting
    When risk is moving, hesitation is failure.
    Great defenders move first, learn fast, and adjust later.
  2. See Through the Noise
    Data, alerts, reports; all partial truths.
    The real skill is pattern recognition under uncertainty.
  3. Adapt or Become Obsolete
    Tools age overnight, attackers evolve daily.
    Stay curious, retool constantly, never assume mastery.
  4. Own the Mission, Not the Metrics
    Compliance isn’t protection.
    Your loyalty is to resilience; not the dashboard.
  5. Trust Human Instinct
    Automation scales defense, but instinct saves it.
    When the playbook breaks, think; don’t just execute.