What Simone Biles Can Teach Us About CyberSecurity
Practice makes perfect. There’s no greater example of this than the Olympics, where athletes like Simone Biles spent countless hours practicing to execute their craft perfectly. But even Simone Biles, who is arguably the greatest gymnast, didn’t receive a single perfect score and faltered on the balance beam. That’s because the phrase, no matter how motivating, is misleading. Perfection is unobtainable, and the world of Data Protection and CyberSecurity is no more immune to this than an athletic arena. There’s simply no way to prepare for every conceivable attack scenario or possible way to lose data. However, a more accurate term to use would be “essential.” Practice is essential to delivering a strong performance and developing a strong understanding of security technology, processes and techniques used to secure the business.
It’s interesting to consider how often we simply rely on the technology we purchase to protect us from attackers, even with little understanding of how it functions in normal operating conditions, let alone in a strained environment with increased stress. Think of a dart tournament, a very unique dart tournament. You may have thrown darts before; in fact, you may be a champion dart thrower. But have you ever thrown darts in a tournament where you are blindfolded? Where you don’t fully understand where the dart board is, and your boss, and their boss, are standing beside you asking for constant updates on the score and what you’re doing to throw better? And let’s not forget, your job and the survival of your company are at stake. That’s how it feels when you’re under an attack or, more accurately, a multi-vector attack. Now think about the security team at Sony and the stressful weeks they spent trying to understand the attack and if their systems were even defendable. How much easier could it have been if they had a better understanding of both the attack and their own systems?
In an effort to help businesses better understand threats and technology used to defend against them, Internetwork Engineering (IE) is introducing a new interactive challenge at this year’s OktoberTekfest: Hack for Beer. In this challenge, IE has created a scenario with an attack platform and a defense platform on a target network with many of our security tools such as Firewalls, IPS, monitoring tools such as Stealthwatch, etc. incorporated. You and your team will be put in the driver’s seats and coached through either defending your network, or attacking the network. After all, how do you defend against what you may not understand?
We’re also raising the stakes a little higher than a mere challenge. The network being defended will contain a smart kegerator, called a KegBot, and you’ll literally be hacking for your chance at some ice cold beer. So make sure you stop by the Security Booth. We’ll demo the Hack for Beer process and walk you through the challenge. Then go a little more in depth with us in a discussion of the current threat landscape in our breakout session. Practice may not make perfect, but it is essential and so is your attendance at TekFest if you want to Hack for Beer, so register today if you haven’t already. You’re not going to want to miss out on this. We’ll see you there!
About the Author:
Jason Smith is the Security Consultant for Internetwork Engineering (IE) with over 15 years experience in IT & IT Security, including finance, retail, and aerospace and defense. Connect with Jason on LinkedIn.