When playing chess, you need to consider not only your next three to five moves but also the next several moves of your opponent.
In our case, the security of an organization’s data and infrastructure is open to an abundance of moves by hackers and malicious insiders. Regardless of which defensive pieces you have in place – knights, bishops, pawns and rooks – you must protect your King and prevent “checkmate.”
“Checkmate” for an organization means you’ve been hacked; you have no idea how you left yourself open to attack, and you can’t readily identify what mistakes you made. You’re in the public’s eye as a result of being breached, yet you cannot give your customers, stakeholders, management, board, employees, or anyone else with a vested interest an explanation as to how this happened.
You built layers of security defense that you thought were enough but weren’t. Now, all your personnel needs to commit themselves to stabilizing and securing the kingdom from further compromise.
You do not know who your next opponent will be but it is incumbent upon you to identify where you went wrong and what you can do to fill in the gaps. And quickly.
Let’s examine this state of “checkmate” more closely.
If we imagine the Queen to be the security director, the “chess piece” with the most power to control the “kingdom,” we can ask: what information was not given to the Queen that allowed this gap to appear in organization’s layers of defense?
Was it a vulnerability on an endpoint with critical information that could be automatically exploited? Was it a change on a critical server that affected the gold build? Or was it a series of moves that led to the Queen being taken off the board?
The Queen is not only the chess piece that starts off next to the King. She’s also the player that can move any direction within the organization in an effort to secure the lines of defense. The Queen’s role is to assess the state of play after each move and to protect the King.
Additionally, it’s important to remember that the events leading up to “checkmate” are just as important as the “checkmate” moment itself. If you can keep the King and Queen intact through each of the opponent’s moves, you can use your various lines of defense to detect, identify and remediate all forthcoming attacks. But if your Queen has been lost, the lines of defense have no hope of being able to secure themselves.
To conclude, we must provide our Queen with the information, resources and solutions needed to fend off a position of weakness. The Queen must stay on top of the health status of all key assets that are deemed critical to the company – doing so will help prevent checkmate.
Now, it’s your turn! Which chess piece are you and why? Can you imagine yourself as a chess piece protecting your organization during a cyber-attack? How do your actions and strategies in battle match the capabilities of the chess piece you picked?
Tell us in a few words and have a chance to win one of three great prizes in Tripwire’s InfoSecurity Europe 2016 contest!
For more information about our exciting in-booth activities, please click here.
In the meantime, you can read some chess lessons for security leaders here and here.