Cybersecurity Lessons From May 4th

7 ‘Star Wars Day’ Cybersecurity Lessons
May the Information Security Force Be With You


May 4, 2016

7 'Star Wars Day' Cybersecurity Lessons
(Source: StarWars.com)

“May the Fourth be with you.”

Star Wars Day happens every year, celebrating the iconic science-fiction film franchise. It’s the perfect time to celebrate these cybersecurity essentials, as received from “Star Wars” canon wisdom.

1. Too Good To Be True?

Have you ever come out of hyperspace in an attack against a Death Star, only to be caught out by a hidden Imperial fleet? Or have you ever been emailed by a Nigerian prince, asking if he can keep his $20 million tucked in your bank account indefinitely?

In the words of Admiral Ackbar: “It’s a trap!”

2. Recruit Who You Must

In “Star Wars,” the future of the universe relies on a whiny kid who takes a lucky shot, blows up a doomsday machine, but then can’t stick the long-term training, gets his hand cut off by his father, watches his friends get captured by the opposition, and only then manages to come back dressed in all black – sporting a new, robotic hand – and save the day.

Takeaway: Don’t be afraid to look for help in the most unlikely of places.

On the security front, one ongoing challenge is keeping users keyed in to emerging attacks, including phishing and malware. And where security awareness training is concerned, always remember the fun factor. In short: Never underestimate the power of kittens.

3. Test Things Before They Break

Photograph: Sam Howzit, Flickr/CC.

Ever needed to escape a blockade, only to find that your “bucket of bolts” can’t make the jump to light speed, because you failed to keep your ship tuned up?

The same goes for information security defenses: ensure that, unlike Target, you’re paying attention to alarms before the situation becomes critical.

4. Don’t Fear the Dark Side

One recurring problem in information security circles is the proclivity of practitioners – and especially vendors – to trade on fear, uncertainty and doubt. But FUD doesn’t help anyone get their cybersecurity shop in order. As Yoda tells Luke Skywalker: “Fear is the path to the dark side. Fear leads to anger. Anger leads to hate. Hate leads to suffering.” And who wants to suffer?

5. Scum Will Congregate

The scum of the universe will always find ways to congregate. As Obi-Wan Kenobi noted of a certain less-than-desirable piece of intergalactic real estate: “Mos Eisley spaceport: You will never find a more wretched hive of scum and villainy.”

Security experts say the same paradigm is at work in cyber crime circles, as revealed by the prevalence of underground forums – many apparently hosted in Russia – that sell products and services to other cyber criminals.

6. Learn From Repeat Attacks

“That’s no moon.” (Photograph: Windell Oskay.)

Why do villains create the plans for a major new weapons system once, then keep redeploying it? In that respect, the developers behind malware, ransomware and remote-access Trojans are a lot like the folks who keep building Death Stars, or their planet-based “Force Awakens” alternative. Except cyber criminals, of course, have enjoyed much greater success.

7. Don’t Try, Do

Never wait to be attacked, especially if there are defenses that you can put in place – in advance – that will help blunt or block the impact of those attacks, be they phishing, ransomware or attacks launched via supply-chain partners.

The important thing is to get started, follow through and keep following through. In the words of Yoda: “Do. Or do not. There is no try.”

from DataBreachToday.com RSS Syndication http://ift.tt/1SOOQad