If you\u2019ve paid attention the news recently you heard about the accidental missile warning that went out in Hawaii. I can\u2019t imagine the terror that must have resulted from that mistake. There are certain things that just are never funny, this is one of them. I don\u2019t see us ever looking back with fond memories on that event.But there are some lessons for us. I really started to think about what would I do if I was in this sort of situation? How could I prepare for such an event? I realized that I have no idea what I would have done. This is the sort of thing you just can\u2019t be ready for.My mind eventually wandered to cybersecurity and how we could learn a lesson from this event and I kept thinking about how could you possibly prepare for this. Emergency preparation requires a certain level of understanding, and the reactions must be simple, but they can have enormous results in such a situation. I realized I lack the proper level of understanding for that type of emergency.I don\u2019t intend to go over what sort of activities are the most useful during something like an actual disaster. There are far better resources than me and I don\u2019t want to give out bad advice. Bad advice can mean the difference between life and death. I don\u2019t want that sort of responsibility. What I want to focus on is how this relates to our current cybersecurity environment.The actual reality seems to be that most of the things we can do in nearly any emergency is are incredibly simple and can have huge impact. The very nature of humans is to let panic and curiosity take over, we forget basic things that can help prevent catastrophe.My favorite example of this is after a large meteor treating cuts from broken glass is the biggest problem. This is because everyone looks out a window at the bright light, the shock wave then breaks the windows, sending glass into the onlookers. How would you know this though? I know if I saw a bright light outside I would go look out the window. Or at least that\u2019s what I would have done.Security isn\u2019t really any different. We love to imagine situations where we have some sort of super attack that breaks into our environment and we get to use advanced techniques and tools to thwart the attackers. What\u2019s the problem in this situation though? Is it an attacker, or is it us?The simple answers are usually the best answers. Of course, that\u2019s easy to say in hindsight, we don\u2019t always understand what the simple answer to a problem is. We don\u2019t always understand what the problem is in some cases. It\u2019s very common to fail more than once before we understand what the actual problem is.Our challenge as security leaders is to first understand the problem. It\u2019s usually way easier to build solutions to problems that aren\u2019t real. Spend time to figure out what your actual problem is. If we put this in the context of an emergency, if something happens you\u2019ve never seen before, how do you know what to do next? Some people are very good at reacting quickly, most are not. Planning for the unknown doesn\u2019t work. If you don\u2019t understand your problem, you\u2019re trying to solve the unknown. It\u2019s not going to work.Once you understand your problem you can start to think about how to make things better. Again, we love to overengineer solutions at this point. The simple answer is generally not just the easiest, it\u2019s often the best. Simple and working is always better than complex and broken. If we look back to disaster planning, the most common advice you hear is usually \u201cstay where you are\u201d. That\u2019s about as simple as it can be and plenty of people won\u2019t follow it, many will meet with disaster. If you tried to give out instructions that needed ten complex steps nobody could follow those instructions.Remember that during a mentally straining situation it\u2019s very hard to comprehend lots of instructions. You need to keep things simple. If you\u2019re in the middle of a compromise you must be able to react quickly with extremely simple steps.The parting lesson to all this seems to be if we understand our possible problems, have a minimal amount of preparation in place, and have the simple solutions and instructions we can increase our chances of success greatly.