Game of Thrones’​ Great War and Cybersecurity

Did you catch the epic Game of Thrones episode “The Long Night” last night?

If not, be warned…SPOILERS AHEAD

I couldn’t help watching this episode and thinking how it is an analogy for protecting one’s most critical assets in the digital age.

These are the cybersecurity concepts came to mind as I was watching the episode.

Defense in Depth

Armies outside a boobytrapped trench, outside the castle walls, manned by archers, and even more boobytrapped structures inside the castle walls.

Each defense taken in isolation has a weakness and can be overcome. When you stack them all together they become extremely formidable. Each defense raises the bar against the attacker.

Minimizing Attack Surface

It is easier to secure a smaller footprint. Minimizing the attack surface is often the easiest win in cybersecurity. With the literal “firewall” in the trenches around Winterfell, the army of the living basically eliminated the ground-based attack surface. Now granted even though the dead were able to breach that defense by piling up bodies, it is a great tactic in war and in cybersecurity.

If we can take inventory of what is accessible to the attacker, and eliminate any unneeded exposure points, we make the attacker’s job even more difficult. When going from zones of lower trust to higher trust (e.g. Internet to DMZ, DMZ to internal, guest wireless to internal), we should focus our efforts on eliminating all exposure points that are not necessary.

Root Cause Analysis

Do you ever feel like you are fighting fires? Like you slay a bunch of the dead then all of a sudden they are back up on their feet attacking you again?

We often spin our wheels addressing the symptoms of the real problem. Like being hyperfocused on a single vulnerability instead of addressing our patch management process. Like working to rebuild a user’s system when they will just get it reinfected because they still have admin privileges and like to click links. Like reinventing the incident response process again because we still haven’t taken the time to plan ahead of time.

Sometimes you need to slay your Night King to win the war. Stop hyperfocusing on the symptoms and start addressing the root cause.

Collaboration Wins Wars

Sometimes the only way to survive is to collaborate (even with your competitors) to defeat your common enemy. Threat and intelligence sharing really can make a difference.

Are you operating in a silo or are you helping others in your industry, in your region? Are you just consuming threat and intelligence information or are you providing your own value to the community?

I encourage you to find a way to contribute. We all have experience and boots-on-the-ground perspective of cyber warfare. Find your own story and provide your own value to the community.

We Need All The Men and Women We Can Get

Much like the onslaught of dead into Winterfell, the cybersecurity journey can seem like a never-ending battle against an ever-growing barrage of maliciousness that will lead to the inevitable breach. It is true that we lack the proper resources to protect our critical infrastructure and key resources. Just look at the 3 million person shortage in the cybersecurity profession worldwide. But if Arya Stark were on your security team, would you tell her that the battle is pointless? We need to bring our best minds together to defeat that which seems unbeatable.

We need to find our Samwell, our Arya, our Lyanna Mormont, our Bran, our Sir Jorah Mormont. We need our fighters and thinkers to stay the course and lift up our security during our dark days. We are all here to fulfill our purpose. What is your purpose?

We need all the men and women we can get in cybersecurity, because The Last War is ahead.

Prevent the Breach

I know what my purpose is. To provide highly valuable and actionable resources to IT and Security teams to prepare for the cyber war ahead. I’d like to invite you to join my training program that starts May 22nd. More information here.

To your success,
Geoff