As far as data protection is concerned, it is usually the banks that are in the firing line. However, we’ve recently seen that even the glamorous world of television is not immune to cyber threats when the first four episodes of the new Game of Thrones series were leaked from HBO. It just goes to show, that as long as a cyber attacker considers something to be valuable then appropriate security measures need to be taken to protect it.
Taking all things into consideration, it’s possible that the HBO hack was an inside job or used compromised privileged access rights. This notion made me consider how such a betrayal would be dealt with in Game of Thrones’ fictional world of Westeros?
In the real world, should a member of staff abuse their access rights to release confidential information the worst outcome would be for that employee to lose their job, and depending on the nature of the leak, possibly face a public enquiry.
> See also: Hackers breach ‘The Wall’ in Game of Thrones hack
Yet, should a member of Stannis Baratheon’s court abuse their position to allow outsiders in, the act could cost them their fingers or worse! With such a cost, I’d imagine most subjects wouldn’t be so tempted to abuse the privilege of their position. With this in mind, I believe there are certain lessons for IT security professionals to learn from the high-stakes world of Game of Thrones.
Security doesn’t stop with building walls
IT security executives can become obsessed with adding new, bigger layers of defence. It’s rather like how medieval architects enhanced the security of their castles by building additional rings of walls and towers, or how the House of Stark built The Wall to protect the Seven Kingdoms.
But this strategy has an Achilles heel. Even the most impregnable castle can fall if someone inside can be convinced to open the gates and let the ‘wildlings’ in.
Much like The Wall, an IT strategy ultimately stands or falls on how well access is controlled and managed on an ongoing basis within the walls of the organisation. The reality is that access may be compromised regardless of how thoroughly you train or motivate your people.
Therefore, information security professionals need to adopt a more proactive approach to access management and be equipped with more effective tools such as identity analytics, to enable an organisation to detect the hidden access risks that might open them up to a data breach.
Identity data is constantly changing
Such is the nature of Kings Landing, that struggles for power between the noble houses ensure titles in court are continually changing hands. With each role comes certain privileges and access to private chambers, and these are solely available to he who holds the title. Considering this, once a role has changed hands, there is no question over whether those privileges are removed once you fall out of favour (or meet a somewhat more gruesome end).
To be able to maintain control over IT security, organisations also need to have a real-time view into how sensitive information is being accessed and shared by employees. This requirement is essential because much like knighthoods and titles, identity data is constantly changing. As organisations bring on new users or terminate others, activate new devices, grant access rights, and change user roles, they need to be able to see how sensitive data is being accessed in real time.
Identity and access management solutions with intelligence capabilities make this possible. This will enable IT staff to identify potential security issues before they become a real threat to the organisation and spot suspicious user behaviour as soon as it occurs. Should onetime Queen of the Seven Kingdoms Cersei Lannister suspect a traitor in her midst, I have no doubt she wouldn’t hesitate to act.
Managing the needs of a kingdom is challenging
Like any ruler of the Seven Kingdoms under pressure to maintain peace and political stability, CISOs and IT managers are under immense pressure to prevent data breaches with finite resources. What’s striking is that many can find it difficult to get the support needed to appropriately address insider threats, just like it is challenging for Jon Snow, Commander of the Night’s Watch, to marshal the forces needed to protect the Seven Kingdoms from the White Walkers north of the wall.
IT infrastructures have become increasingly complex as the access needs of users (or subjects) constantly change. This makes it challenging for CISOs and IT managers to understand, and as a result effectively communicate, exactly where business risk lies.
Therefore, understanding access risk is becoming increasingly important for protecting an organisation’s digital assets. The data generated from user identities is growing exponentially and maintaining a clear view of all user relationships within the organisation is becoming a significant challenge, just as it is trying at times for Lord Balish to uncover and control those with political power.
> See also: The firewall isn’t dead: it’s just growing up, and policy has to grow with it
Big Identity Data actually presents a significant opportunity to help organisations to provision smarter access risk management and identify and eliminate emerging threats to business information before they can harm the company.
Living in the modern world, CISOs and IT managers have far more tools at their disposal than their Westeros counterparts to monitor rogue behaviour from inside their organisation. In order to prevent similar betrayals going forward, it is a case of ensuring you have complete visibility in real time of access rights and user privileges. Do you know who has access to what information, and what they’re doing with that information in your business? If no – then tread carefully, as it may just cost you your hand.
Sourced from Chris Sullivan, VP Advanced Solutions, Courion