We are already a month into the new fiscal year for the UK public sector, and organisations are beginning to get confirmation of this year’s cybersecurity budgets to address the ongoing challenge of a relentless cyber threat landscape.
With that in mind, let’s review lessons from the riveting Game of Thrones (GoT) episode ‘The Long Night’ (season 8, episode 3) that your organisation can apply to triumph in the forthcoming cyber battle. Whether you are defending Winterfell, the UK and its people, the health of the Nation, or the future of the Nation – here are 6 important security lesson to heed (caution, may contain spoilers!):
1. The initial plan to protect Winterfell was to concentrate the bulk of security resources around the perimeter of the castle, making it as difficult as possible for the enemy to get in. However, as we saw, simply protecting the perimeter isn’t enough. You’re not engaged in a straightforward and simple battle, it’s an unconventional enemy with many different strategies. Keep in mind--it’s not a case of IF they get inside the perimeter, but a matter of WHEN they get in.
2. Organisations must band together and work together. Cybersecurity isn’t just the responsibility of the security team or the IT department and security software (Dragonglass), it’s the responsibility of everyone. Organisations must provide adequate training (think Lady Brienne training Arya, or was it the other way around?) and education to ensure that everyone is working together (regardless of roles) and is aware of what form the enemy may take (they won’t all have glowing, blue eyes).
3. If/when the enemy does get in, they need to be contained and locked down for as long possible, so the least amount of damage can be done (in IT security terms, think least privilege and privileged access management). Prevention is only the first line of defense—winning requires multiple security layers and strategies to stymie and disrupt every attempted effort of progress by the adversary. Think about the Unsullied/Dothraki first wave, then the fired fence that was lit by Lady Melisandre, and THEN the walls of Winterfell castle. Three layers, three lines of defense, before the real fight even started.
4. Protecting your most valuable assets and locking them in a crypt/safe to ensure that no one can access them may seem like a good idea, but unless you can actually see what’s happening and who may have access to that crypt/safe – how safe are they? In the event of a breach (much like the white walkers breaking through the crypt walls), you don’t want your metaphorical Queen of the North and Tyrion being compromised, do you?
5. The ‘all seeing eye’ can be useful and help organisations know where to focus their attention and where the attack may be coming from. While we don’t all have a three-eyed raven that can fly around spying on our enemies, we can take action through learning and understanding their motives. Consider, vulnerability scanning (uncover and fix vulnerabilities before your foe finds and capitalizes on them), privileged session monitoring (pay extra close attention to those with higher potential to cause harm) and threat analytics (analyze many different activities to recognize patterns that may be ominous, or benign).
6. Once one ‘battle’ is won, the next battle will shortly be around the corner, likely against a different enemy. In real life, there is no ‘last war’ as the battle for the throne is being dubbed. Plenty more threat actors are waiting around the corner, and you cannot afford to drop your guard for a second.
Chances are that most organisations won’t have an Arya Stark in their ranks to save them and their people (customers, partners, etc.). They have to think smarter. Providing protection in just one area simply won’t be enough to stop the enemy from winning. Securing the perimeter has to be complimented with a solution and plan to contain any potential breach. You will require full visibility of what may be happening internally to, not only stop active threats, but also be aware of where the future threats may be coming from – remember, ‘The dead are already here’.
For more insights on defenses against White Walkers, stay tuned in to Game of Thrones. However, if you seek the best, most comprehensive layers of defense against cyber threats both inside and outside your perimeter, contact BeyondTrust.
Tom Asher, Regional Sales ManagerInternational Sales - UK/IR
Tom has been with BeyondTrust for 5 years working within the UK sales team. As the Regional Sales Manager for the UK Public Sector, he is responsible for growing and developing business for the entire BeyondTrust PAM portfolio.