Circle Up: What Reindeer Cyclones Can Teach Us About Zero Trust Security
My buddy Chase Cunningham (also known as “Dr. Zero Trust”) likes to say “You don’t have to be the fastest gazelle on the savannah — just faster than the slowest one.”
It’s a good metaphor for cybersecurity. The idea is that perfection isn’t necessary. As long as you’re faster than someone else, the attacker will get them first. You survive by being slightly less bad.
But I think this mindset can go a step further, especially as today’s attackers get more and more sophisticated.
I brought this up during a recent podcast with Chase. As he drew again on the gazelle analogy, I couldn’t help but think back to something I experienced during my recent trip to Helsinki, Finland, for a NATO cybersecurity conference.
While shopping for a gift for my soon-to-arrive grandson, a colleague pointed out a stuffed reindeer and then dropped a fascinating fact about Scandinavian wildlife: the reindeer cyclone.
What’s a reindeer cyclone?
When threatened by predators — wolves, bears, or even humans — herds of Scandinavian reindeer don’t scatter like gazelles. Instead, they tighten formation.
The strongest reindeer form a circle and begin to run in a vortex, surrounding their most vulnerable members, the fawns, the weak, and the old. They move quickly in synchronized spirals. From the outside, it looks chaotic. But from above, it’s strategic, coordinated, and almost hypnotic.
This phenomenon, known as a reindeer cyclone, creates a living, moving shield. It disorients predators, and often it works so well that the predator just gives up.
The drone footage above of reindeer in Russia’s Kola Peninsula captures this behavior in stunning detail, with hundreds of animals spinning like a storm, impossible to penetrate. Even Vikings observed this behavior and were baffled by it. They couldn’t pick off a single animal.
This, to me, is a better, more modern metaphor for Zero Trust.
Zero Trust is about strength in design
In cybersecurity, you can’t rely on being faster than the threat. There’s always going to be a faster lion. There’s always going to be a slower gazelle.
That’s why you have to be a reindeer.
Zero Trust is about building your defenses before the attacker shows up, not running once they do. It’s about surrounding your critical assets, what we call the “protect surface,” with strong, dynamic safeguards that move, adapt, and hold formation — just like the reindeer cyclone.
You don’t protect everything equally in a Zero Trust model. You focus on what matters most. You limit access, stay vigilant and prepared, and respond to dangers before they become disasters, so your critical assets stay protected at the center.
Herd defense is cyber defense
The reindeer don’t act alone or run solo. They protect each other.
This is another important lesson for security teams. Zero Trust isn’t just a technology architecture. It’s also an organizational mindset.
The reindeer know their roles. The strong take the outside, and the weak move inward. Everyone adapts based on terrain, threat, and pressure.
Some herds move clockwise, others counterclockwise, whatever works best for the moment. That flexibility is what makes them resilient.
Zero Trust isn’t just a technology architecture. It’s also an organizational mindset.
Your security architecture needs that same level of coordination and adaptability. It’s not about stacking static perimeters. It’s about designing for movement, responsiveness, and shared responsibility.
Don’t just run. Circle up.
When considering your organization’s security strategy, ask yourself: Do you want to be the least slow? Or do you want to be the best protected?
Because real cybersecurity isn’t about running faster than someone else. It’s about building an environment so secure, so coordinated, and so adaptive that attackers simply give up.
Be a reindeer, not a gazelle. Circle up and protect what matters most.

John Kindervag
Chief Evangelist