Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


02:00 PM
Dean Coclin
Dean Coclin
Connect Directly
E-Mail vvv

3 Things Wilderness Survival Can Teach Us About Email Security

It's a short hop from shows like 'Naked and Afraid' and 'Alone' to your email server and how you secure it

Predators are opportunists. This is true whether the predators are wild animals, like the lions, bears, and wolverines on survival reality TV shows like Naked and Afraid and Alone, or are cybercriminals using the novel coronavirus pandemic to attempt to pry data and money from people. Companies must protect data with remote email security as more employees work from home.

In both TV shows, people overcome incredible challenges. Naked and Afraid participants – typically one man and one woman at a time – attempt to stay for 21 days in the wild with no clothes and little more than a firestarter. Alone participants – separated from each other in the wild – build shelter, start fires, and forage and hunt for food to outlast the others and win $500,000.

Warding off predators in the wild is critical for the people featured on Naked and Afraid and Alone. The lessons learned from their in-the-wild protective measures can be applied to the corporate world and remote email security.

Lesson #1: Build a Shelter
In the jungles of South America, lean-tos are popular. In African countries, Naked and Afraid participants use tangled branches and other natural resources to build bomas. A boma is a traditional enclosure used to hold livestock or serve as a small dwelling. They're typically round, about 6 feet high and can be closed up at night. There, participants can feel protected from lions, hyenas and other nocturnal predators.

In Everything on 'Naked and Afraid' is Real – and I Lived It, Blair Braverman describes her experience on the show in South Africa and shares how there was no other option than for her and her partner to immediately build a boma.  

Just as shelters provide a home away from home for participants on adventure shows, a virtual private network (VPN) offers an office away from the office for remote employees. VPNs take the reassuring qualities of the company's private network – including its security, functionality, and management – and delivers them to the public network being used by the remote employee. 

VPN, which can be supplemented with digital certifications, protects a computer's information from cybercriminals who want to use it to access personal company data. Using a VPN is "one of the most essential precautions" to take for remote employees, including senior executives, according to Entrepreneur.

"When you're handling login information to company bank accounts, software accounts, or intellectual property, it's vital that you protect yourself," the article says. "Not to mention, it's essential that you protect your employees from hackers as well. You have records of them on your servers, after all, so it's vital that you secure that information appropriately."

Lesson #2: Put Up Barriers
In the wild, threats come from all sides. Participants of Naked and Afraid and Alone respond by putting up barriers of all kinds between themselves and threats. They cover themselves with mud to deter mosquitos. They use branches to elevate their beds above snakes and other potential dangers on the ground.

On Alone, some participants cook in a separate location from their shelter; "otherwise, curious animals will come nearby," according to Survival Skills Guide, adding that predators are looking for easy meals.  

Cybercriminals seek easy marks. Using Secure/Multipurpose Internet Mail Extensions (S/MIME) for email encryption makes it much more challenging for them to assess confidential data in employee emails. Keep in mind that if this protective email barrier is to work, both your company and regular recipients must have S/MIME. 

S/MIME, a standard for public-key encryption, prevents anyone other than the intended recipient from intercepting – or tampering with – email messages from the sender. Recipients know that the message received is the one that was sent.

Lesson #3: Set Up an Early Warning System
On the sixth season of Alone, participant Jordan Jonas successfully caught rabbits, fish, and a bull moose while in the Arctic chill of northern Canada, according to The Spokesman-Review. He stored the meat on a high platform he'd constructed outside his shelter. But after a wolverine stole some of his moose fat, he needed a warning system.

Jonas ran a cord from the platform to his shelter, with empty cans foraged from the shore strategically placed above his shelter's entrance. He reasoned that if a wolverine attempted to climb onto the platform and tripped the cord, the rattling of the cans would alert him. It worked and captured the wolverine before it could take any more of his food.

Cybercriminals can seem as ferocious and tenacious as a wolverine. COVID-19 phishing attacks increased by 600% during the first quarter of 2020, according to Forrester.

Domain-based Message Authentication, Reporting and Conformance (DMARC) acts as an early warning system to enhance remote email security. With DMARC, phishing emails are caught by the email provider of the recipient and quarantined or rejected before they show up in the recipients' Inboxes. IT can even receive notifications of any phishing email attempts by setting up alerts.

Consider this example of how DMARC works. A cybercriminal wants to steal your company's business credit card numbers so impersonates your HR manager in an email. That email says that the company needs to update its records so employees should confirm their business card numbers. Before this email reaches employees, DMARC alerts your IT department of the phishing attempt and notifies your company's email provider, which stops the email before it can confuse employees. 

As more employees work from home, keeping data safe from cybercriminals is more challenging. The number of phishing emails and malware threats have soared over the past couple of months. Borrowing strategies that have kept people safe from predators in the wild can keep the company protected from cyber-predators preying on remote employees and trying to snag company data.

Related Content:

Learn from industry experts in a setting that is conducive to interaction and conversation about how to prepare for that "really bad day" in cybersecurity. Click for more information and to register

Dean Coclin is the Senior Director of Business Development at DigiCert. Dean brings more than 30 years of business development and product management experience in software, security, and telecommunications to the company. In his role at DigiCert, he's responsible for ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Oldest First  |  Newest First  |  Threaded View
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-05-13
Teradici PCoIP Graphics Agent for Windows prior to 21.03 does not validate NVENC.dll. An attacker could replace the .dll and redirect pixels elsewhere.
PUBLISHED: 2021-05-13
The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.
PUBLISHED: 2021-05-13
In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise...
PUBLISHED: 2021-05-13
A Denial of Service due to Improper Input Validation vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially to prevent any new user connections.
PUBLISHED: 2021-05-13
A Remote Code Execution vulnerability in the Management Console component of BlackBerry UEM version(s) 12.13.1 QF2 and earlier and 12.12.1a QF6 and earlier could allow an attacker to potentially cause the spreadsheet application to run commands on the victim’s local machine with t...