If I were a Chess piece to protect my organization, which piece would I be and why?
It’s too easy to choose the big player piece like the King but King’s rule the Kingdom and are protected by those around them, so in my mind, they don’t do very much. So, I choose to be a Knight. In Chess, I like playing the piece. It has so many unique qualities that it’s hard to defend against it in an attack, and it plays a very important role in protecting the King and Queen.
Let’s talk about a slightly different Knight, though. The author George R. R. Martin wrote a book “A Knight of the Seven Kingdoms,” which is more fondly known as the Game of Thrones TV series. I like the title, “A Knight of the Seven Kingdoms.”
In my fantasy world, the Knight plays an important part to defend his Seven Kingdoms, just as a Chess piece plays in a game of chess. What sort of threats would he be defending against, though?
Insider threats are a constant threat to every organization. How does the Knight defend against such attacks?
The truth is, we won’t be able to stop these attacks completely but we can detect, help prevent, and respond to these attacks. We can do so by having simple measures in place, such as integrity monitoring; configuration management; vulnerability assessments and aggregating logs into one central location, as well as applying intelligence to these logs to help spot the anomalies.
It’s been around for some time now, but in recent years, ransomware has been popping up on all platforms, targeting some very high-profile organizations. Some analysts believe 2016 will be the year of ransomware.
The Knight should be adopting some good perimeter controls around the Kingdom, which will help prevent some of these attacks. The Knight will also be talking to their people and making them aware of the different types of attacks there are and how to defend against it. But our Knight will also be relying on technology to help detect these cryptographic threats.
Using integrity monitoring tools will help detect the change to files that are encrypted and help drive a work-flow to stop the spread of this attack.
How about those old relics inside the kingdom? They can’t fight or defend properly and have weaker controls. They have to rely on the Knights to protect them from being attacked.
You could say the same for your critical assets within your perimeter. What controls are in place today that help defend these assets and have they been hardened? Have the controls or the systems that manage these controls been patched to the latest updates to prevent attackers compromising these assets?
Using a good vulnerability management tool will help you identify these systems that are weak. And, if you integrate an integrity management tool with it, you have a solution where once a system has been found vulnerable, you can have the integrity monitoring tool keep an eye on it whilst it’s being fixed.
POLICES AND REGULATORY REQUIREMENTS
Every Kingdom should have their own rules and procedures. It’s down to the Knight to ensure these rules are enforced, otherwise, chaos occurs and everyone will make up their own rules.
Our Knight will have technology to help him enforce these rules. Using a configuration management tool, the Knight can ensure each system in each of the Kingdoms adhere to one set of rules, and keep a watchful eye on those systems to ensure they don’t fall out of line.
And, let’s not forget the policies that, if broken, carry a hefty fine from certain regulators!
MALICIOUS MALWARE AND VIRUSES
From time to time, the occasional threat will penetrate the kingdom. When it does, it spreads its viral contents throughout the Kingdom, destroying it from the inside out. The Knight will play an important part to look for those unusual characters.
Using his integrity monitoring tool, the Knight will be alerted to a change in the Kingdom. With integration to third-party threat providers, the Knight will be able to validate the potential threat that has just walked through the gates to determine if they are a threat or not.
If the third-parties state it is a known threat, the Knight can take immediate action against that threat, eradicating it from the Kingdom before the pandemic can spread.
These are just some of the things our Knight will be defending against. There are many more different threats out there where technology plays a significant part.
The Knight plays a very important part in defending their Kingdom in Chess, and as you can see from the examples above, an important role in information security. That is why I chose to be a Knight.
Having a good strategy is important in a game of Chess – it’s the same in the world of information security… at the end of the day, it’s about protecting your King, “your critical data.”