3 Principles of Football Defense (And Endpoint Security)
Let’s face it—it is going to be hard to stay focused on cybersecurity this weekend. The Super Bowl, one of the biggest days in sports, is this Sunday between the New England Patriots and the Philadelphia Eagles. It’s sure to attract the attention of millions of people across the country. The conversation will be dominated by touchdowns, rushing yards, and the viability of different tortilla chip brands rather than endpoint security and next-generation anti-virus software.
But perhaps we can turn this into a philosophical teaching moment for cybersecurity, as my colleague did for DevOps. After all, the principles of football defense aren’t all that different from InfoSec best practices in endpoint security.
Here are 3 ways that football defense and endpoint security align:
1. Have an Intimidating, Aggressive Defensive Front Line
The defensive line is critical to any football team’s strategy; they’re necessary to put pressure on the quarterback, cut the offensive play short, and hopefully stop the quarterback in their tracks, setting them back in their future plays.
The same is true for endpoint protection: think of your firewalls and anti-malware detection capabilities as the defensive front line. If the hacker is the quarterback in this analogy, you don’t want to make it easy for them to run their plays. The stronger your detection technologies are, the more likely you can prevent breaches before they happen and fortify your defenses against future attacks. The best-case scenario is that the hacker never gets close to your databases, here represented by the endzone.
However, even with the best detection technologies in place or the best defensive line on the field, you can’t prevent every play or security event. You’ll need more than that to keep your endpoints secure.
2. Use Flexible Cybersecurity Strategies to Prepare for Any Kind of Attack
Quick: do you play man-to-man or zone coverage?
The answer, of course, depends on many factors, including the players on the field, the type of play being run, and whether your goal is a total shutdown of yards or strategically limiting the yards they gain. The same is true of endpoint security. Locking yourself into a concrete, one-size-fits-all strategy or emphasizing a highly regarded technology is a good way to open the door to creative or resourceful hackers.
Your ideal endpoint security solution must anticipate as many attack vectors and vulnerabilities as possible, including mobile devices and IoT devices, and have the flexibility to respond to new kinds of threats when they are recognized.
3. Have a Recovery Plan At the Ready
Total shutouts are rare in football, as satisfying as they can be if your team achieves one. Rarely is there a perfect defensive game plan. In endpoint security, it is impossible. Eventually, your defense will fail.
The good news is that with the proper preparation, this may not spell a total game-losing rout but a simple setback. Having an incident response plan coordinated with your solution provider can help mitigate the damage of a breach and ensure proper procedure for the quickest response time. Making sure your endpoint security solution has a recovery and backup component for these situations and events can be the defensive adjustment necessary to get you back on the field.