Defense Starts With Security

Countdown Overview

To commemorate the Carolina Panthers’ run to Super Bowl 50, as well as highlight important topics in the IT Security industry, OnWire conducted a 7-day countdown combining (and placing an emphasis on) common football and security terminologies. The “Defense Starts with Security” series culminated with our OnCloud FedRAMP, MFA with PIV webinar that took place on Thursday, February 11th. To request a copy of the slides used during the webinar, please fill out the form on this page.

Day 1 - Threats

For day one of our 7-day countdown, we decided to address threats.

There are many threats when it comes to the game of football – such as the threat of injury or the threat of defeat. There is also a threat to the quarterback (QB) each time he takes the field – relentless defenses swarm at every chance they get to try to record a sack.

Then you have the Triple option threat. The Triple option is a football scheme used to offer multiple ways to progress the ball down the field. The triple option forces defenses to worry about multiple running options on a single play – the QB decides whether he will give the ball to the fullback (FB), to the halfback (HB), or keep the ball and run it himself.

The QB’s decision is based on what the opposing team’s defensive end (DE) does. If the DE focuses on the FB, then the QB will either keep the ball or hand off to the HB. If the DE charges up the middle towards the QB, then the QB will hand the ball off to either the FB or HB depending on which one has running room. To summarize – the QB has multiple options to end an imminent threat.

Similar to football, there are many threats to keep in mind from a cybersecurity standpoint in 2016. A recent Gartner study predicts that there will be roughly 6.8 billion connected devices by the end of 2016, and that number jumps to more than 20 billion connected devices by 2020 – meaning that for every human being on the planet, there will be 2-3 connected devices.

With the radical evolution and growing number of smartphones and new technologies, however, come more threats to keeping personal information secure. One such example is the OPM hack of April 2015 that affected nearly 22 million current and former federal government employees. Personal information, such as birth dates, social security numbers, and home addresses, was compromised.

Due to the recent OPM security breach, new mandatory requirements have been developed for many federal agencies that hold sensitive data on their applications. These federal agencies will now be required to strengthen their levels of authentication – such as multi-factor with the use of a certificate-based Personal Identity Verification (PIV) card.

To learn more about this topic, including how OnWire’s comprehensive Identity and Access Management (IAM) Platform solution – OnCloud® – addresses this mandatory compliance requirement, register for our FedRAMP, MFA with PIV webinar taking place next Thursday, February 11th, at 2:00 PM EST / 11:00 AM PST.

Day 2 - Safety

For day two of our 7-day countdown, we decided to address safety.

When it comes to a “safety” in football, the play is great for one team and a disaster for the other. For those that are not football-savvy, a safety is an uncommon play that occurs when a player causes the ball to become “dead” in his own end zone. This can happen in a number of ways, including if a player is tackled or goes out of bounds in his own end zone while carrying the ball, or if he fumbles the ball and it goes out of bounds in his own end zone.

A safety results in the team on defense receiving 2 points on the scoreboard and getting the ball back for their offense – the team that gives up the safety is forced to punt the ball away from their own 20-yard line. To summarize, the team that forces a safety is awarded 2 points and gets the ball back on offense – sometimes resulting in a 9- or 10-point swing in the game.

Just like a defense that forces a safety in football, keeping personal information secure and “safe” from a cybersecurity breach is a positive thing. Safety, and keeping information secure, plays an important role in our industry – the Department of Homeland Security (DHS) recognizes October each year as the National Cyber Security Awareness Month.

During the month, DHS reminds individuals, business owners, and other organizations to reflect on the current and most common cyber threats and make sure that they are prepared for cyber attacks. The FBI even publishes tips for individuals to follow to ensure that their networks, devices, and even Personally Identifiable Information (PII) are safe.

One way that the government is taking a stand on keeping federal employees’ information safe is with the new rigorous requirements surrounding PIV cards. A PIV card, or Personal Identity Verification card, is a smart card that contains the necessary data for the cardholder to be granted access to Federal facilities and information systems and to assure appropriate levels of security for access to Federal applications.

To learn more about this topic, including how OnWire’s comprehensive Identity and Access Management (IAM) Platform solution – OnCloud® – addresses this new compliance requirement, register for our FedRAMP, MFA with PIV webinar taking place this upcoming Thursday, February 11th, at 2:00 PM EST / 11:00 AM PST.

Day 3 - Architecture

For day three of our 7-day countdown, we decided to address architecture.

When it comes to “architecture” in football, you have to think of the individual players at different positions that make up a team. Today, we will focus on the offense. The most important player on offense is the Quarterback (QB) – particularly because he is the primary decision maker. Besides the QB, another key player is the Running Back (RB) – also referred to as Halfback (HB) or Fullback (FB), depending on the athlete’s size and speed.

On the front line of the offense are five Offensive Linemen (OL), whose primary job is to block and prevent the defense from sacking the QB. The OL is made up of a Center (who begins play from scrimmage by snapping the ball to the QB), two Offensive Guards (who line up on either side of the Center), and two Offensive Tackles (who line up outside of the Guards).

One of the more interesting positions on offense is the Tight End (TE), who plays on either side of, and directly next to, the tackles. A TE is often seen as a hybrid player who must possess characteristics of both an OL and a Wide Receiver (WR). WRs are typically some of the fastest players on the team, and are involved in passing plays – WRs must beat opposing defenses down the field and get open to catch passes.

Unlike football, where the term references different positions that athletes play on a team, “architecture” in the cybersecurity industry is defined as a unified security design that addresses the necessities and potential risks involved in a certain environment or scenario. It also specifies when and where to apply security controls.

Architecture Risk Assessments are key to security architectures – these assessments evaluate the business impact of vital business assets, and the likelihood and effects of vulnerabilities and security threats. Once the architecture has been finalized, it reaches a stage called Implementation – where the security services and processes are implemented.

Following implementation, the Operations and Maintenance (O&M) phase begins. During this stage, security engineers monitor the system’s performance, provide end-user support through training and documentation, manage changes within the system architecture, and perform required security activities – such as backups, contingency planning, and audits.

To learn more about this topic, as well as receive an overview of the IBM Security products that make up OnWire’s comprehensive Identity and Access Management (IAM) Platform solution – OnCloud® – register for our FedRAMP, MFA with PIV webinar taking place this upcoming Thursday, February 11th, at 2:00 PM EST / 11:00 AM PST.

Day 4 - Attacks

For day four of our 7-day countdown, we decided to address attacks.

The most common attacking technique in football is called a tackle. The primary purposes of tackling are to stop the offensive player from gaining ground towards the end zone or to dispossess an opponent of the ball. Another goal of tackling is to ensure that the offensive player doesn’t gain a first down.

One example of a “trick” attacking play in football is called a flea flicker. The flea flicker play is designed to fool the defensive team into thinking that a play is a run instead of a pass. The play starts by the Quarterback (QB) handing the ball off to the Running Back (RB). Before the RB crosses the line of scrimmage, he turns around and laterals the football back to the QB.

The play happens in a split-second, but it forces the defense to attack the RB – freeing the QB from any immediate pass rush and leaving receivers potentially wide open down the field to catch a pass. The flea flicker isn’t utilized often in football today as it is an extremely high-risk call – it often results in a big gain for the offense, a turnover, or a big loss.

As with a defense in football, attacks (and the threat of an attack) are a major concern to the IT Security industry. One recent study conducted by the Deloitte Consumer Review found that nearly 20% of consumers have experienced the theft of their personal information that criminals have used to make fraudulent purchases.

Examples of recent consumer information hacks include the LinkedIn hack of 2012, when over 6.5 million passwords were compromised, and the Target hack of 2014, when nearly 110 million shoppers’ personal data was stolen after an employee clicked on a malicious phishing email.

In the Federal space, the Office of Personnel Management (OPM) hack in April 2015 affected nearly 22 million government employees – information stolen included social security numbers, passwords, and fingerprints. The OPM breach is considered one of the worst cyber attacks in U.S. history, and it forced the government to create new mandatory requirements for Personal Identity Verification (PIV) cards to keep federal employees’ Personally Identifiable Information (PII) safe.

To learn more about this topic, including how OnWire’s comprehensive Identity and Access Management (IAM) Platform solution – OnCloud® – addresses this compliance requirement, register for our FedRAMP, MFA with PIV webinar taking place this upcoming Thursday, February 11th, at 2:00 PM EST / 11:00 AM PST.

Day 5 - Incidents

For day five of our 7-day countdown, we decided to address incidents.

One of the most common “incidents” in the game of football is called a penalty – which is a sanction against a team for a violation of the rules. Because football is a high-contact sport requiring a balance between offense and defense, many rules exist that regulate safety and the actions of players on each team.

It is very difficult to always avoid violating these rules without giving up too much of an advantage. Thus, an elaborate system of penalties has been developed to maintain a balance between following the rules and keeping a good flow of the game. Referees signal penalties by tossing a bright yellow “penalty flag” onto the field towards the spot of the foul. Many penalties result in moving the football toward the offending team’s end zone – usually either 5, 10, or 15 yards, depending on the penalty.

Most penalties against the defensive team also result in giving the offense an automatic first down; these calls typically result in momentum for the offense and an uphill battle for the defense.

In the IT Security industry, a cybersecurity incident is described as an occurrence that results in adverse consequences to an information system or the information that the system processes, stores, or transmits. These incidents may require an immediate response action to mitigate the consequences.

Most companies develop a Computer Security Incident Response Team (CSIRT) that is responsible for reviewing, receiving, and responding to computer security incident reports and activity. Each organization defines what a computer security incident means for their company, but one such example could be an attempt (either failed or successful) to gain unauthorized access to a system or its data.

Incident handling includes three major functions: Reporting, Analysis, and Response. The initial reporting of an incident occurs first, followed by an in-depth analysis of the incident by the CSIRT. Responses to incidents can take many different forms – such as the CSIRT providing recommendations to upper management for recovery, performing response steps internally, or reporting the incident to the government.

To learn more about this topic, as well as receive an overview of OnWire’s comprehensive Identity and Access Management (IAM) Platform solution – OnCloud® – register for our FedRAMP, MFA with PIV webinar taking place this upcoming Thursday, February 11th, at 2:00 PM EST / 11:00 AM PST.

Day 6 - Defense

For day six of our 7-day countdown, we decided to address defense.

We highlighted the key players on offense during Day 3 of this series when discussing the term architecture. Today, we will highlight the major defensive positions on a football team.

Like their offensive counterparts, Defensive Linemen (DL) line up directly on the line of scrimmage. Two positions make up the DL – Defensive Tackles (DT), whose main goal is to rush the passer, and Defensive Ends (DE), whose main goal is to stop offensive runs on the outer edge of the line of scrimmage.

Linebackers play behind the DL and perform various duties depending on the defensive play call, including rushing the passer, covering receivers, and defending against the run. There are two types of Linebackers – Middle Linebackers (MLB) and Outside Linebackers (OLB). MLB, in particular, is a very important position as they are often referred to as the “QB of the defense” – they are the primary defensive play callers.

Defensive Backs (DB), also known as the secondary, play either behind the linebackers or set to the outside, near the sidelines. Cornerbacks (CB) and Safeties (S) make up this last line of defense. The main goal of the CB position is to cover the opposing team’s wide receivers, while the S position is concerned with helping the CB with deep-pass coverage.

In the IT Security industry, the term “defense” means that an organization has equipped its IT department and employees with technology and software to avoid cybersecurity hacks – or at least that the company has developed an incident response plan, should a security breach occur.

Having the right cybersecurity defense strategy is key to keeping information safe. Today, the White House announced that they would be spending 35 percent more on IT security efforts in 2017. The new report also revealed that there is an immediate opening for a U.S. Chief Information Security Officer (CISO) to oversee and implement the country’s cybersecurity defensive strategy.

Increasing the budget to $19 billion for information security program spending, up nearly $5 billion from last year’s cyber-funding request, shows that cybersecurity threats are at an all-time high. With new technologies and more connected devices than ever before comes the potential for larger (and more severe) security breaches.

To learn more about this topic, as well as receive an overview of OnWire’s comprehensive Identity and Access Management (IAM) Platform solution – OnCloud® – register for our FedRAMP, MFA with PIV webinar taking place this upcoming Thursday, February 11th, at 2:00 PM EST / 11:00 AM PST.

Day 7 - Recovery

For the last day of our 7-day countdown, we decided to address recovery.

In football, a fumble occurs when a player who has possession and control of the ball loses it before being tackled. By rule, it’s an act other than passing, punting, or kicking that results in loss of possession. Defensive players typically force fumbles by grabbing or punching the ball out of the offensive player’s hands.

A fumbled ball may be “recovered” and advanced by either team; however, if the offensive team is the first to dive on the loose ball, then the play doesn’t result in a turnover. A fumble is one of three events that can cause a turnover and allow opposing defenses to recover the ball – the other two being an interception or a loss of downs.

The most obvious way to recover a fumble is to fall on top of it and cradle the ball between both arms – although this can lead to injury if other players pile on top of you. Instead, another tactic that has become more popular over the years is the “scoop and score” method of picking the ball up and attempting to return it for a touchdown.

In the IT Security industry, the term “recovery” takes on a similar meaning. A recent report by a UK security company revealed that more than half of UK businesses expect to be hit by a cyber attack and that the average recovery costs are estimated to be £1.2m (roughly $1.75 million).

The report also found that about 50% of UK respondents said information security was vital to their organization, while roughly 20% admitted that poor information security was the single greatest risk to their business – ahead of decreasing profits (12%), competitors taking market share (11%), and lack of employee skills (10%).

The survey showed that the expected recovery from a cyber attack takes an average of two months, and that revenue would drop nearly 13% following a breach. Respondents estimated that a breach would also result in “hidden costs” – such as reputational damage and brand erosion. The company that conducted the report surveyed key decision-makers in the UK, the U.S., Germany, France, Sweden, Norway, and Switzerland.

To learn more about this topic, as well as receive an overview of OnWire’s comprehensive Identity and Access Management (IAM) Platform solution – OnCloud® – register for our FedRAMP, MFA with PIV webinar taking place this upcoming Thursday, February 11th, at 2:00 PM EST / 11:00 AM PST.