Proact Blog

The footballing guide to cyber security

Yes, you read that title right. The recent World Cup got us thinking about the similarities between cyber security and a football match. When you think about it, a goalkeeper is ultimately responsible from stopping goals going in the net. But you wouldn’t place the sole focus on them to block every attack. So why let a single platform or person take responsibility for every incoming cyber threat?

Let’s take this analogy a step further.

The goalkeeper

The goalie can definitely be under-appreciated. Let’s face it, when we plan our fantasy football teams, we allocate most of our budget to forward-thinking players. Those who can put the ball into the back of the net, instead of the man in front of our goal. But why do we do this?

We do it because we’re attracted to the glamour of forward-thinking football. In the IT world, this would equate to innovation – the shiny new cool stuff we can’t wait to get our hands on.

Just as scoring goals – and innovation – are crucial to beating the opposition and ‘progress’, so too is a good defence. It’s no good scoring a lot of goals if you’re going to let in even more goals at the back. You need to have a rock solid defence as well as good strikers. The same is as true for organisations as it is for football teams. In addition to plans for growth and innovation, you need to have great cyber security, too.

The back 4

Good defences equate to success. Just take France, for example. They may have scored four in the final. But people also applauded them throughout the tournament for being hard to break down defensively.

This, to us, clearly resonates in the business world. Organisations that are highly reliant upon their data are paying particular attention to cyber security. Take MyMeds&Me as an example. By introducing our SIEM as a Service offering, the organisation that handles information from the likes of Pharma giant Pfizer, is offering great business value to its customers by integrating high cyber security standards into its daily processes.

Traditionally, taking a defensive approach to IT has had negative connotations, and so has playing defensive football. But today placing value on strong defences is a growing trend – both in football and in technology. Anyone can have a strong defence, and cost needn’t be a limiting factor. Investing in defence is investing in the future.

The midfield

From legal to HR, cyber security and data protection has been on everyone’s minds recently with the advent of the GDPR. This is like when the manager tells the midfield to ‘build from the back’. They don’t see defending as being their main priority and naturally want to head towards the final third. Similarly, in the business world, departments don’t mind allocating time to these important tasks, but don’t see them as their primary focus.

And it’s often the defence-reluctant midfield that causes teams to concede. They ignore what they’ve been told by their boss and forget to mark their man. Think insider threats. We continually tell the wider workforce to look out for phishing emails and only use approved tools. And when they don’t, they cause unprecedented cyber risks.

The strikers

It’s unrealistic to ask your strike force to think about defending all the time, but that doesn’t mean they can’t play a role in bolstering your defences. In training, forwards challenge their defensive team mates, so both sets of players refine their skills. We can compare this to pen-testing.

A penetration test, or pen-test, is an attempt to evaluate the strength of an organisation’s defences by safely exploiting vulnerabilities. Organisations usually conduct these using both manual and automated technologies that can systematically compromise servers, endpoints, web applications, networks and other points of exposure.

Where testers successfully exploit vulnerabilities, they can use the compromised systems to exploit other resources. The intelligence gained from these tests allows you to systematically manage your vulnerabilities. Just like the knowledge a manager would gain when strikers test their skills against their defensive teammates.

The bench

Substitutes are there when you need them and can completely change the fortune of a game. This is just like network sandboxing – an increasingly important part of threat detection. Just like subs are often introduced to a match to shake-up tactics, programs can be set aside in a separate environment. So if security issues occur, those issues won’t spread to other areas.

Football managers often decide to bring on defensive minded players to safeguard a result, just like IT managers opt for sandboxing to prevent attacking threats. Sandboxing doesn’t only protect organisations against advanced persistent threats (APTs). It also exposes previously unknown malware and blocks spear phishing attacks.

Other influences

In a football match it’s not just the players on the pitch that can influence the outcome. Firstly there’s the referee identifying fouls and making (sometimes) game-changing decisions. This can be a lot like third party auditors, pointing out faults that result in drastic changes to your game plan.

And then there’s the crowd. Their reception can make a game. A hostile crowd can cause confidence issues across the team. Whereas as a positive audience can create a sense of urgency and optimism. The same is true of your employees and your customers.

Data is a critical asset to any organisation. And the reality is you won’t necessarily receive any praise for keeping it safe – just like a team that retains possession of the ball. But if security is ever compromised, the business and your customers will be the first to blame the IT department for any troubles. Just like how the crowd reacts negatively to a player that loses possession.

Predicting the final result for your cyber security

It’s clear that a great defence alone is not enough. You need to score goals too. Let’s look at goal difference. When we do, we can see that Belgium topped the list at this World Cup with +10, meaning they’ve scored 10 more goals than they’ve conceded. But many plaudits seem to recognise Belgium’s main strength as being their midfield because of their ability to defend as well as attack. If anything, most seem to say that Belgium’s weakness was actually their defence. But they had a golden glove-winning keeper behind them protecting the goal. He was, however, unable to keep France’s winning goal out of the net, and France went on to beat Croatia in the final. Was it all about France’s goal-scoring ability? No. They had the most number of clean sheets of any team playing – 4.

It’s easy for your organisation to introduce a world-class defence without having to break the bank. You can call on Proact.

We accept that cyber security is a team effort. We’ll work alongside your IT team to define a proactive security roadmap. And we can provide you with leading tools and skills to put the right foundations in place.

But the best defences/security platforms come at a cost, right? Well we can make things more affordable. We have close relationships with market-leading security vendors so can help you get competitive prices. And you can also have our mature virtual security operations centres (vSOCs)  protecting your organisation round-the-clock, without having to hire or train for expensive in-house skills. Result.

Sign up to our eNewsletter

By clicking Sign up, I agree to the terms and conditions outlined in the Proact Privacy Policy.