Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

6 Lessons from GoT Episode ‘The Long Night’ on Defending Your Organisation from Hackers, Malware—& White Walkers!

May 3, 2019

  • Blog
  • Archive

We are already a month into the new fiscal year for the UK public sector, and organisations are beginning to get confirmation of this year’s cybersecurity budgets to address the ongoing challenge of a relentless cyber threat landscape.

With that in mind, let’s review lessons from the riveting Game of Thrones (GoT) episode ‘The Long Night’ (season 8, episode 3) that your organisation can apply to triumph in the forthcoming cyber battle. Whether you are defending Winterfell, the UK and its people, the health of the Nation, or the future of the Nation – here are 6 important security lesson to heed (caution, may contain spoilers!):

1. The initial plan to protect Winterfell was to concentrate the bulk of security resources around the perimeter of the castle, making it as difficult as possible for the enemy to get in. However, as we saw, simply protecting the perimeter isn’t enough. You’re not engaged in a straightforward and simple battle, it’s an unconventional enemy with many different strategies. Keep in mind--it’s not a case of IF they get inside the perimeter, but a matter of WHEN they get in.

2. Organisations must band together and work together. Cybersecurity isn’t just the responsibility of the security team or the IT department and security software (Dragonglass), it’s the responsibility of everyone. Organisations must provide adequate training (think Lady Brienne training Arya, or was it the other way around?) and education to ensure that everyone is working together (regardless of roles) and is aware of what form the enemy may take (they won’t all have glowing, blue eyes).

3. If/when the enemy does get in, they need to be contained and locked down for as long possible, so the least amount of damage can be done (in IT security terms, think least privilege and privileged access management). Prevention is only the first line of defense—winning requires multiple security layers and strategies to stymie and disrupt every attempted effort of progress by the adversary. Think about the Unsullied/Dothraki first wave, then the fired fence that was lit by Lady Melisandre, and THEN the walls of Winterfell castle. Three layers, three lines of defense, before the real fight even started.

4. Protecting your most valuable assets and locking them in a crypt/safe to ensure that no one can access them may seem like a good idea, but unless you can actually see what’s happening and who may have access to that crypt/safe – how safe are they? In the event of a breach (much like the white walkers breaking through the crypt walls), you don’t want your metaphorical Queen of the North and Tyrion being compromised, do you?

5. The ‘all seeing eye’ can be useful and help organisations know where to focus their attention and where the attack may be coming from. While we don’t all have a three-eyed raven that can fly around spying on our enemies, we can take action through learning and understanding their motives. Consider, vulnerability scanning (uncover and fix vulnerabilities before your foe finds and capitalizes on them), privileged session monitoring (pay extra close attention to those with higher potential to cause harm) and threat analytics (analyze many different activities to recognize patterns that may be ominous, or benign).

6. Once one ‘battle’ is won, the next battle will shortly be around the corner, likely against a different enemy. In real life, there is no ‘last war’ as the battle for the throne is being dubbed. Plenty more threat actors are waiting around the corner, and you cannot afford to drop your guard for a second.

Final Takeaways

Chances are that most organisations won’t have an Arya Stark in their ranks to save them and their people (customers, partners, etc.). They have to think smarter. Providing protection in just one area simply won’t be enough to stop the enemy from winning. Securing the perimeter has to be complimented with a solution and plan to contain any potential breach. You will require full visibility of what may be happening internally to, not only stop active threats, but also be aware of where the future threats may be coming from – remember, ‘The dead are already here’.

For more insights on defenses against White Walkers, stay tuned in to Game of Thrones. However, if you seek the best, most comprehensive layers of defense against cyber threats both inside and outside your perimeter, contact BeyondTrust.

Tom Asher

Regional Sales ManagerInternational Sales - UK/IR

Tom has been with BeyondTrust for 5 years working within the UK sales team. As the Regional Sales Manager for the UK Public Sector, he is responsible for growing and developing business for the entire BeyondTrust PAM portfolio.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Webcasts | February 24, 2021

Your PAM 2021 Blueprint: Securing Privileged Accounts for On-Premises and Cloud Assets

Whitepapers

Evolving Privileged Identity Management (PIM) In The 'Next Normal'

Webcasts

Welcome to 2021: A BeyondTrust Global Partner Update

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.