Three endpoint security lessons from a galaxy far, far away
On May 4, Star Wars Day 2019, fans are reminded of an epic battle between light and dark. Unfortunately, this is an everyday struggle for those of us who work in cybersecurity – protecting the organization from the next potential data breach.
Because traditional network perimeters have given way to cloud-based models in support of the digital workforce, it’s important to note that the endpoint has become extremely valuable for security tools and controls. This means an organization should make protecting its endpoints and the data they hold a significant part of its cybersecurity strategy.
Science fiction and cybersecurity in 2019 aren’t as far, far away from each other as one might think, and the legends of the movie hold lessons that might prove useful for protecting those valuable endpoints.
Defeat security threats with visibility and the right knowledge
Star Wars: A New Hope begins with the now familiar plot-setting text, floating through space. There, at the very outset of the movie, we see how the most advanced weapon in the evil Empire can be defeated.
Anti-Empire conspirators have smuggled the architectural designs to the Empire’s Death Star, and are zooming through the galaxy to get this knowledge to the rebel leaders. Before C-3PO and R2-D2 walk through the desert, and before the wisdom of Yoda is made available, we are struck with the key to rebel victory: knowledge.
IT and security teams crave the visibility that insights and analysis can offer from an unimpeded view of their endpoint populations. Visibility into an organization's endpoints is a key element for any security program. ‘Dark’ or untraceable devices remain outside the control of IT, posing a significant threat. It’s only through visibility and knowledge of these devices that an organization can take the proper steps to secure sensitive data. Without this line-of-sight, there is no way to know that all resources (data, devices, users, and apps) are secure.
Endpoint security is a team effort
Let’s compare the motley crew of rebel heroes to the homogenous, lockstep conformity of the corrupt Empire. The rebels rely on a phantasmagoria of specialists, each bringing their contribution to the cause, creating a force that is greater than the sum of its parts. The mindless, linear, uncreative stormtroopers and field commanders of the Empire, by contrast, rely only on powers that are all top-down and clumsy, resulting in needlessly wasted cycles against a ragtag group of amateurs.
Wisdom can come in many forms and it can come from just as many sources. IT and security teams are at the heart of their organizations—instrumenting human effort from multiple channels and teams to scale, being the force-multiplier needed for their organization’s protection. Everyone has a role to play in data protection, so taking advantage of all team members will go a long way to addressing a security threat.
Reevaluate your current security tools
Star Wars also provides lessons on what not to do when it comes to an organization’s endpoint security. Yes, even in the cybersecurity field, doing too much of a good thing can ultimately work against the end goal – protecting the enterprise from a data breach.
Star Wars is culturally transcendent; it has influenced the thinking of global societies and even impacted how we think about policy and law. That’s an incredible achievement. But then there came a series of movies that arguably did not further the value of the Star Wars franchise – Phantom Menace, Attack of the Clones, Revenge of the Sith, let’s not talk about Solo – all movies that received questionable reactions from fans. There is such a thing as extending a good thing too far, just as layering too many (individually valuable) security tools can result in a hyperspace collision.
According to a recent study of six million enterprise devices representing 12,000 organizations across North America and Europe, endpoint security spend is often voided because tools and agents fail, reliably and predictably. Before spending more on brittle agents, we need to persist the ones we have; regenerating them in real-time, to ensure we achieve the security we want to experience.
For IT and security teams, their endpoints suffer the same tragedy as these disappointing and overwhelming Star Wars movies: agent collision. When we have too much of a good thing (security controls, apps, and agents) on our devices, we increase the probability of agent collision and resource monopolies. When this happens, the security agents and controls we ‘think’ are keeping us safe are actually decaying over time. Unless we are able to resurrect broken, disabled, and tattered agents, we will not be able to overcome the persistent urge to invest in more security tools (or make more Star Wars movies!).
Among the celebrations that will take place on May 4, take note of the security lessons we can glean from this monumental franchise. To be sure, there are plenty of daffy ideas together with the brilliant ones, but that, too, becomes a tutorial from Star Wars. Whether the film series teaches something we should do, or illustrates what we should not do, the wisdom of Yoda rings true: “Do. Or do not. There is no try.”
Josh Mayfield, Director of Security Strategy at Absolute