The winter games have always been a frozen classroom of great life lessons.
In 2014, we learned that sport is again the finest form of diplomacy, that the combination of athleticism and artistry calibrated by gravity is nothing short of awe-inspiring and that all hotels in Sochi are apparently managed by Norman Bates' holding company.
And in each of the 15 disciplines of the winter games, we've learned a valuable lesson about cyber security.
Not because intrusion detection is a medal event or because curlers simply look like they must be some sort of computer engineers by day, but because cyber security is so fundamental to the IT enterprise that it parallels the fundamental lessons of any pursuit.
As your organization becomes increasingly reliant on its digital enterprise, reliance on good cyber hygiene must become reflex. Unlike a decade ago, when your digital enterprise may have supported your organization, now the digital enterprise is your organization. As the importance of the digital enterprise has risen, so too have the specialized skill sets and diversification required to secure it against a wide range of threat actors far beyond the corporate espionage and simple security of the last century.
It's why, as a cyber systems integrator, we strongly recommend regular assessments and managed solutions like continuous monitoring and diagnostics, basic acts of preventative cyber maintenance to prevent potentially disastrous results down the road, in the same way world-class athletes pay meticulous attention to exhaustive physical training.
Well, maybe not the curlers.
Alpine Skiing: Know your landscape and minimize your profile
Downhill skiers inspect the course with the precision of a jeweler surveying a diamond. Prior to every race, they memorize intricate details of the course to find the fastest lines, the location of gates in slalom events, and understand the terrain. The difference between knowing the safe course and the problem areas and not is the difference between winning and losing, or pinwheeling down the mountain like a Lycra-covered snowball.
In cyber security, intense knowledge of your enterprise is a requisite and should be checked regularly. How many devices are connected to your network? How many entry points do you have? Are all your patches up to date? The difference between knowing exactly what the landscape of your enterprise is and not knowing is, just as for a downhill skier, a tumble down the mountain.
For personal users, take another tip from those that voluntarily speed down mountainsides and minimize your profile at all times. Just as alpine skiers crouch to reduce wind resistance and promote flexibility, consciously minimize your online profile to prevent identity theft. Don't avoid having an online presence, just as skiers don't avoid going down the mountain, but do so smartly and in control at all times.
For both end users and the IT enterprise, however, Lycra is totally optional.
Biathlon: Constantly monitor, but be alert when action is needed
Biathlon may seem almost like a punch line in the United States, say, the sort of event that Jed Clampett might insist be in the winter games. But the combination of intense cross-country skiing punctuated by prone and upright marksmanship on long-range targets is a parallel for effective, layered cyber defense which requires multiple skill sets.
Most of cyber security is cross-country skiing: Steady monitoring governed by best practices, a pure test of endurance. But when one layer of defense doesn't succeed, effective mitigation of threat must happen quickly and precisely, just as a skier must stop, steady him or herself and fire a precise shot. Merely deploying a monitoring solution isn't sufficient; you must be prepared to mitigate against vulnerabilities quickly.
Unfortunately, most cyber security is falling down on both accounts now. Monitoring is intermittent and more than 67% of all breaches take six months or more to report, according to the Verizon Data Breach Investigation Report. Employ a continuous monitoring solution, and, when alerts are triggered, calmly and quickly take corrective action.
Bobsled: A steady pilot, like a steady cyber integrator, is everything
Bobsleds, the clown cars of the games with 2-4 team members packed in a space the size of a couple of sock drawers, hurtle down the track fast enough to get a speeding ticket on most interstates.
Conventional wisdom says that the push is everything, the raw brute force that gets the sled moving over the opening 50 meters. The same is true of cyber security. Conventional wisdom is that having the right licensed products up front, the raw brute force of protection, is the key.
But as important as the push is, utilizing it to get you to the finish line is the goal of the race. The bobsled pilot must navigate the sled through a series of hairpin turns at up to 75 miles an hour, all, of course, on ice. Extreme knowledge of the terrain and anticipation of what’s to come is the only way a sled makes it from top to bottom.
Cyber security is similar. Merely having the right start isn’t enough. Organizations need a cyber integrator, a cyber steward, who ensures the push is maximized and understands what is around the next turn.
Using licensed software and best-of-breed tools matters, but without an experienced cyber integrator at the center of your enterprise ensuring that all systems work together and that a robust security profile is in place and maintained, forming defense in depth, you’re likely to cross the finish line upside down.
Cross Country Skiing: Cyber security is an effort of methodical endurance, not intermittent sprints
Cross country skiing is the most physically demanding discipline in the games; cyber security is the most demanding enterprise IT discipline. Just like cross country skiing, there can be no breaks and there is no downtime, only steady, focused movement forward.
Unfortunately, most cyber security now is a stop-and-start affair. Networks are scanned once every few months, server logs combed less frequently, data feeds rarely, if ever, correlated. Effective cyber security requires precisely repeated security processes – software regularly patched and updated, threshold alerts established and maintained – just as cross country skiing requires continuous, repeated motion.
But the greater the frequency, the more continuous the work, like with a continuous diagnostics and mitigation tool, the more likely you are to finish ahead of the pack. In cyber security, like in cross-country skiing, your opponents never take a break. Neither should you.
Curling: Always protect the house and sensitive data, no matter how the environment changes
Like cyber security, curling requires a coherent strategy entering each game, but the strategy must be able to change from end to end, and throw to throw, as the situation of defense and gameplay evolve. However, whatever strategy is used, every team must protect the house. In curling, points are scored by being in the house (e.g., the bull's-eye rings) and closest to the button (the center). Just like in cyber security, the goal is to at all times have more defenses around the house, your personal health information (PHI), for example, or other sensitive data, than your opponent can penetrate, constantly reinforcing defenses as opponents' strategies and tactics change.
And like curlers, we don't look like Olympians either.
Figure Skating: Presentation layers matter
Figure skating is separated from all other competitions by the degree to which presentation matters. From song choice to costume to the overall artistry, aesthetics are a real component of a figure skating performance. Mere technical mastery of the craft isn’t enough to medal.
Cyber security is similar. The ability to deploy and retrieve data from cyber security tools like sensors, intrusion detection devices, or malware scans is a requisite, but unless the resulting data is woven together in an easy-to-understand form, it simply isn’t enough. In cyber security, well-crafted, vendor-agnostic displays, like NJVC’s Cyber Dashboard, turn a series of technical executions into an instructive, relatable experience. In figure skating, the technical elements, jumps, spins and the like, must be executed flawlessly, but they must also be presented meaningfully, in a way they can be easily understood and appreciated.
And, just like cyber security, a few sequins never hurt.
Freestyle Skiing: Cyber security is sometimes as much art as technical. Be creative.
Freestyle skiing is a relatively new introduction, debuting in Albertville in 1992. Its first medal discipline was moguls (think an attempt at downhill skiing if the mountain was owned by your local speedbump-happy HOA), but it’s expanded to include aerials, half-pipe, and other disciplines in which artistry, rather than a clock, determines the winner.
Think of freestyle skiing as response to threat actors. Hackers and other threat actors are often clinical in their knowledge but creative in their execution, regularly seeking a zero-day attack or a vulnerability that hasn't been exploited. Advanced cyber threat mitigation has to be just as creative to respond quickly to emerging threats, since out-of-the-box solutions won’t be able to handle zero-day threats. Just like in freestyle skiing, the conventional approach is always going to change as technical advances make new types of jumps or attacks possible, and creativity turns those into an aerial ballet. Effective cyber security requires the same combination of technical proficiency and creative thinking to respond at the speed of threats.
Ice Hockey: It’s not about having great components working individually; it’s about having a coordinated team
The best-on-best hockey tournament is a comparison with teeth (well, metaphorically at least) for defense in depth and continuous monitoring solutions like NJVC’s Cyber Fusion Framework.
Most current cyber security solutions are akin to elite hockey players, exceptional at their position, but insufficient alone to win a team game. Or think of your network as a team itself. Your sensors, for example, represent forwards, detecting attacks at the perimeter. Your defensemen represent the next level of protection at, say, the IDS level. The goalie is your last line of defense.
Most enterprise cyber security solutions feature every one of these tools, but few or none of them represent a team working in concert together. No matter how skilled your players or how outstanding any cyber security tool is, without working together, they’re like a hockey team acting without any awareness of where their teammates are or what they’re doing. It's like having a forward line constantly in the offensive zone, defensemen on the same side of the ice in the neutral zone and a goalie all by himself against an opposing rush. A great cyber security continuous diagnostics and monitoring solution, however, produces teamwork, goalies responding to defensemen responding to forwards. A CDM correlates feeds and aggregates data, producing usable, coherent information from all the individual movements.
Think of it as Team USA. A great cyber security tool itself might be high-scoring winger Phil Kessel, but as great as Kessel is, if he's playing by himself without his teammates watching, acting on, and reacting to, his movements, gaps will open all over the ice. (Then again, as a Toronto Maple Leaf, playing without functional support of teammates may be all too familiar for Kessel.)
Luge: Keep your data protected and as far from danger as possible
Lugers, unlike their skeleton cousins, whose primary interest seems to be tempting the resiliency of the human head, go about hurtling down an icy track as smartly as anyone can go hurtling down a track on a small sled – feet first. And in this controlled chaos of a luge run, there is an invaluable lesson in cyber security: ensure sensitive data is well-guarded and as far from threat as possible. Be aware of where data is located, where data leaks might occur, where gaps might result from different vendors providing applications. Wrap it in a helmet. Be sure data isn’t directly exposed, like the healthcare provider who exposed thousands of PHI records to the open web and search engines.
Unfortunately, like lugers, security is a delicate balance, rather than an absolute.
Nordic Combined: Reliable cyber security requires mastery of multiple disciplines
Nordic combined is a little something of a Superman transformation, exchanging flight (ski jumping) for a more mundane type of locomotion (cross country skiing), and, at least for most of the world, doing so entirely out of the public eye, just like the Man of Steel. Despite its lack of popularity, it’s instructive for cyber. True cyber security, like Nordic combined, requires expertise in more than one discipline. Cyber is as diverse as IT itself. Securing applications requires different skills from securing networks or malware identification.
Managed services, like a cyber systems integrator, can help identify gaps and vulnerabilities and provide expertise in all required skill sets. Just as proficiency in one element, ski jumping, or application cyber security, isn’t enough to medal, lack of proficiency in any element required in cyber security will almost certainly lead to failure, no matter how strong in another area.
Skeleton: Stay heads up at all times with real-time monitoring
To the casual observer, skeleton sledding almost seems like a college prank after snow – and a few beverages – fall. Leading with your head never seems like a particularly good idea, particularly in a race that exerts up to 5g of force. As it is, however, skeleton tends to be safer than luge in terms of numbers of accidents, precisely, sledders say, because they have better awareness.
Similarly, visibility and hyper-awareness of the baseline are vital in cyber security. It isn’t enough simply to run cyber security measures at the start, then take your eyes off the metrics, similar to the limited viewpoint of a luger. Constant awareness, through alert thresholds and continuous monitoring, will allow rapid reaction to changing environments and a much lower risk of going head over heels.
Ski Jumping: Form and best practices are critical
Vinko Bogataj isn’t a household name, but he is a household face. Or, a household image, hurtling off a ski ramp like a test dummy on his very worst day. Bogataj, as you probably aren’t aware, is the Agony of Defeat man, a young Yugoslavian (then a country) ski flyer (then the name of ski jumping) whose explosive crash became the video image accompanying the “Agony of Defeat” in the opening of ABC’s "Wide World of Sports." (Then a television staple.)
Bogataj's agony came as a result of poor form, an inexperienced jumper on a slope too great for his expertise.
Forty years later, form is still everything in ski jumping, not only to successfully make it off the ramp, but to land, successfully and at the K line. Contrary to common understanding, ski jumping is actually an exercise in precision, not attempting to fly the farthest, but to land as close as possible to a designated landing point while maintaining proper form.
Design the specific form that works for your IT enterprise, which allows movement but produces results specifically targeted to your IT enterprise. Don't simply pile on technologies for the sake of better protection; carefully determine the best cyber security measures for your enterprise and follow them without fail to land as closely as possible to your target line of productivity. Maintain your cyber security posture constantly and vigilantly.
The alternative, as Vinko would tell you, is the Agony of the Breach.
Snowboarding: Innovation matters, always be open to new ideas and products
When it comes to securing your enterprise, the temptation to stick with what’s working is understandable. But, like the first snowboarders who ventured from skis to boards, constant awareness of new trends and technologies can be invaluable. Snowboarding is an amalgam sport just like cyber security. Ideas from skiing, surfing, and sledding helped form the sport’s identity. So, too, can outside ideas shape cyber security, by taking advantage of research and development, by testing new capabilities and by working with a cyber integrator, who can bring new tools and techniques to cyber defense.
Speed Skating: Be agile and strategic, because victory can be in the turns
Speed is the goal, but victory comes through agility in the turns.
Cyber security requires superb responsiveness, particularly at the turns in the IT lifecycle. In cyber security, your enterprise will spend most of its time in the straightaways, continuously scanning and mitigating against threats. But when events change (the turns: when applications are introduced into your network, when servers are brought online), cyber security must anticipate the turn and effectively manage it. A cyber integrator can virtualize new additions before introduction and can conduct acceptance tests. In the Department of Defense, for example, all devices connected to the global information grid go through extensive certification and accreditation tests. Nothing is left to chance. Every turn is planned for and maximized, walking the fine threshold between optimum performance and absolute security.