Checkmate: Cybersecurity Strategy for the Modern Battlefield
Chess is a strategic board game estimated to be over 1000 years old. The sharp mind and tactical acumen required to win this game was originally designed to reflect medieval battlefield tactics, and the pieces we use today reflect that.
In a modern context, this battleground has undoubtedly moved to the digital arena. Where warring states once fought along controversial territorial borders, 21st nations of the century are now more likely to launch a volley of cyberattacks than a dawn raid. Despite this, many parallels can still be drawn between the timeless game of chess and cybersecurity strategies in our modern world.
Today marking World Chess Day, it’s a good time to reflect on how businesses and security teams approach their cybersecurity strategies. What can New World Knights in silicon armor learn from this Old World board game?
White hats move first
In chess, the player with the white pieces always moves first. It is also commonly believed that this player has automatic advantage. In fact, in 1946, a man by the name of William Franklyn Streeter discovered “the advantage of the first move” – ââa concept that dictates that the player using white pieces will win, on average, more than 52% of all games.
In cybersecurity, white hats (security professionals) can also benefit from this concept. By understanding and locking down likely avenues of attack, White Hats can limit the chances of success for Black Hats (cybercriminals). First, by taking proactive security measures and anticipating attacks, businesses will automatically gain the âfirst-move advantageâ.
This approach is particularly relevant in cloud security. Our Global Advanced Threat Landscape Report 2019 discovered that as much as 55% of UK businesses do not have a privileged access security strategy to protect critical applications and cloud infrastructure. When the evidence shows that 77% of cloud incidents involved stolen credentials, this is an alarming result.
Deciding on the right approach to securing a multi-cloud environment can cause delays, but it is an easily solvable challenge and one that should be prioritized.
Strategic, not tactical
If you ask someone who has no knowledge of chess to play against you, they will play tactically. In other words, they’ll be responsive and make short-term decisions based on your previous move. This tactic just won’t work in the long run against a chess pro. This is because chess pros use strategy, not tactics. They bait other players into positions that are beneficial to them. Chess pros don’t just think about the next move, they think about the end of the game. They see the big picture.
As cloud adoption increases, the threat landscape expands. To function in this environment, companies must strive to adopt the same mindset as professional chess professionals in the digital world and see the big picture.
An example of a long-term strategy is to invest in Privileged Access Management, PAM for short. PAM is an integral part of the day-to-day operations of a business. It helps IT and security teams provide and remove access to different areas of a network for accounts running on their systems.
If, for example, a malicious gif allows a cyber attacker to gain a foothold on a network endpoint, PAM means that the compromised account will likely have limited control and reduced privileges over the system. The attack, in this way, is unlikely to penetrate further into the network. Instead of responding reactively to an attack, PAM enables organizations to deploy security measures in a preventative manner.
Protect the king
There is a hierarchy between the chess pieces. The pawns, the less powerful piece, are at the bottom. They are numerous and have limited capacities. The king – the piece that decides the end of the game – is at the top. The protection of the king, in other words, is of the utmost importance to a player.
Likewise, in cybersecurity, IT and security teams must work from top to bottom. They should prioritize the security of their organization’s most privileged accounts and credentials (those that provide access to critical systems and information) before moving down the chain of priorities. In the event of a cyber attack, losing a few “pawns” may be inevitable, but it is crucial to prioritize the protection of the “king”.
An integrated cybersecurity arsenal
One of the most discussed aspects of chess is its âopening principlesâ – the strategies players use to âopenâ a game. The most important principle of openness is for a player to use the diverse range of rooms at his disposal. To win at chess, all pieces must be used to achieve the end goal of cornering an opponent’s king.
In cybersecurity, companies must use a diverse set of tools to build their cyber defenses. This means using technologies like antivirus software, encryption programs, and privileged access management to cover all the bases.
However, the recent Report on the World Cyber ââResilience Organization showed that âOrganizations using more than 50 security tools rank 8% lower in their ability to detect and 7% lower in their ability to respond to an attack than respondents with fewer tools. “
To implement effective security, businesses don’t have to invest in security tools on a whim. History shows that attackers will often focus their efforts on strategies that offer the most access and therefore the most impact. These tactics often stick to a similar pattern. Organizations should focus their own security efforts and investments on breaking these patterns first, before moving on to more advanced measures.
Red team chess
You will often see people playing chess against themselves. Without a partner, this is a useful way to practice movements and techniques, going through the decisions they would make in certain scenarios.
The same technique can be applied to security. In fact, according to recent research conducted at the Black Hat conference in 2019, over 70% of those surveyed said their companies conduct ‘red team’ exercises. Simulated attacks can be used to actively search for vulnerabilities in their own security infrastructure – an effective way to proactively prepare for real attacks in the future.
By taking notes of a game that has been a guide to strategy for a thousand years longer than any security professional, organizations can remember where their priorities lie.
The main point to remember is that it is always better to be proactive than reactive. Strategic preparations before an event take precedence over a tactical response after it. Integrating security measures into the very framework of your organization’s processes using measures such as PAM should be a priority. Those who let the cyber attacker take the first step have already yielded the advantage.