Game of Cybersecurity: Lessons Learned from Game of Thrones

As we impatiently await the final season of Game of Thrones, we can apply key learnings from the show’s many plot twists to improve our business’ security strategies.

Game of Cybersecurity: Lessons Learned from Game of ThronesBy David Murray    September 18, 2017      Thinking

The too frequent leaks and breaches plaguing season 7 of Game of Thrones have been running things amuck for HBO. For those entrenched in the cybersecurity industry, however, we know that the methods of cyber hackers are becoming increasingly complex and technologically advanced. And wreaking havoc on a premium cable network is only one example of how hackers can and will disrupt a system.

As the rest of us impatiently wait for the final season of Game of Thrones (in two years!), what can HBO be doing to get ahead of hacks and leaks? Stars of the show have been speculating that HBO will revert back to an “analog” approach, and hand-delivering hard copies of scripts to minimize the leaks. But this ultimately is not a sustainable or practical approach for the rest of the way the company needs to operate.

For any business, disruption can be a headache at best or catastrophic at worst. Perhaps HBO, and other companies, can actually draw parallels from the Game of Thrones world to very common issues and situations of the cybersecurity realm today and apply lessons learned to real-life enterprise-level businesses.

Why you need to worry about the Littlefingers of the world just as much as the threats beyond The Wall

The Wall is a perimeter-based defense mechanism designed to keep out external “hackers,” treated with a bit of magic, or firewall if you will, to keep out the Night King and his white walkers. You can think of the Night’s Watch as a security team, clearly understaffed and overworked, and Jon Snow, as the stressed out “CISO” working to prioritize threats and gain resources to defend the world as best he can.

For the moment, however, remove yourself from the storyline that centers around the impending doom brought on by the Night King and his army of undead “wights” and “white walkers”. For an enterprise-level business in the real world, stranger danger can actually be the least of worries for survival. It’s anomalous internal user activity that can be just as detrimental to the safety of the business.

Perhaps the best illustration of this is Petyr Baelish, or Littlefinger. Littlefinger carefully calculates and instigates chaos and disorder wherever he goes. His moves are largely motivated by his desire for more power and access. In a real-life scenario, Littlefinger is a common character. He represents a malicious insider threat that can fly under the radar within the network, gaining access by manipulating the weaker elements within. Similarly, 81% of hacking-related breaches leverage stolen or weak passwords and once an adversary is inside the network, the potential damage they can cause is significant.

On a larger scale, especially given the highly automated nature of algorithmic business environments, cyber attackers don’t necessarily need to steal information or install ransomware to accomplish their goals – anyone who is familiar with the algorithm and can modify the inputs will be able to manipulate the outcome. For security teams, tracking network activity is essential, especially in attempting to identify anomalous activity when the source is disguised as an “accepted” user. In order to rapidly detect and defend from insider threats, security teams must also have a deep understanding of all user activity on the network.

Bridging the Gap between Daenerys, Cersei and Jon’s band of wight wranglers, or rather, the c-suite and the security team

Generally, there is a fundamental disconnect between business and security IT departments. This sort of misalignment is common in the world of business. We see a similar disconnect between the leaders of Westeros and our “CISO” Jon Snow.

In this season, we saw Jon Snow and his crew set out for an elaborate mission beyond the Wall to catch a “live” wight. Their mission is to convince self-proclaimed Queens and Iron Throne competitors Daenerys Targaryen and Cersei Lannister that the mythical threats beyond the Wall do exist, and once and for all bring everyone on the same side to save the greater good.

But if Jon fails to effectively communicate the risks to Daenerys and Cersei or can’t convince them to re-prioritize their goals, or if they don’t take Jon seriously enough, the living could be wiped out and Westeros as a whole defeated. Likewise, if a security director and a c-suite executive can’t bridge their communication gap and begin speaking the same language, then detrimental and disastrous situations can happen to their business.

IT OPs and security teams don’t always understand the company’s big-picture business goals, and c-suite decision-makers lack insight into the day-to-day technical realities that ensure the business is properly safeguarded and runs without a hitch. This disconnect can hinder a company’s efficiency, and worse still, can render the company vulnerable to massive cyber risks. Better collaboration and level-setting is critical. Luckily, Jon was able to convince one of these two Queens to meet him halfway, and thus see for herself that the external threats were real, giving him greater aid in his arduous job of staving off the white walkers.

Why every company needs a Bran Stark aka the ultimate surveillance

Bran Stark, as the Three-Eyed Raven, has special abilities that allow him to see the past, present and future in their entirety and simultaneously. He is omniscient, and it’s in his mind where all of the information, events, and “data” in the world converge. It’s this basic idea of Bran that every digital business needs today. Bran can automatically monitor all activity, and offers the advantage of complete surveillance and visibility into your business - including seeing right through the Littlefingers of the network security world.

In any digital business, the network, or the fabric across which all communication and data exchange takes place, acts as a foundation. It’s important to give users visibility into the infrastructure that’s powering a business. When users can access and understand network activity, they can make better informed decisions. Those few technologies that can easily capture information as it moves across the business, extract content from those communications, and provide a digestible dashboard of the information and the ability to investigate the underlying details, are the ones that offer businesses valuable transparency and insight and the confidence that nothing is overlooked.

Of course, if things were all secure all the time in the Game of Thrones world, it wouldn't make for much of a show. Real-life businesses of course are better off without the drama and the risk. Whether it’s Westeros, HBO, or another digital business, better surveillance and visibility overall can play significant roles in identifying hidden insider threats and strengthening alignment between different factions. Further, keeping up to date on the latest technologies and network infrastructure for the new, automated, and algorithm-driven era is the only way to fight back and future-proof your assets. It’s the network where IT and security experts can benefit from getting all of this information in for the purpose of improving performance, risk, infrastructure, and all corresponding applications.

Game of Cybersecurity: Lessons Learned from Game of Thrones

David Murray, Chief Marketing & Business Development Officer, Corvil
Corvil is the leader in performance monitoring and analytics for electronic financial markets. The world’s financial markets companies turn to Corvil analytics for the unique visibility and intelligence we provide to assure the speed, transparency, and compliance of their businesses globally. Corvil watches over and assures the outcome of electronic transactions with a value in excess of $1 trillion, every day.

You might also be interested in...