• United States




Enterprise security needs a Mother of Dragons to keep attackers out

Aug 25, 20174 mins
Data BreachDLP SoftwareSecurity

Some Game of Thrones defense strategies you can apply to your organization's cybersecurity strategy

{Spoiler alert: If you have not watched all episodes of Season 7 of Game of Thrones thus far, stop reading.}

Fans of the hit HBO series Game of Thrones are anxiously awaiting the Aug. 27 season finale, wondering what dangers lie ahead for their favorite characters both inside and beyond the wall.

The season began with Arya Stark’s brilliant impersonation attack that took down House Frey, and now the murderous White Walkers have potentially turned one of Daenerys Targaryen’s “children” into a malicious insider.

Much like Jon Snow and Daenerys Targaryen dealing with their many threats, organizations across industries are facing an army of security threats — from hackers stealing sensitive data to ransomware spread through impersonation attacks. 

For some companies, planning for those threats is ongoing. Some are tentative to move forward, while others might have started conversations when Mimecast hosted the Cyber Resilience Think Tank at this year’s RSA Conference during which CSOs and security experts hoping to push folks to create industry standards contributed to the conversation.

What it means to be a strong security leader

Before deciding to head south in search of dragon glass, Jon Snow considers the voices of the people in the north. Security leadership in the cyber world is no different. It’s important for industry experts to come together and discuss the security challenges facing organizations so that they can build a cyber resilience plan. 

Daenerys Targaryen also strategizes with advisors on how to conquer Cersei Lannister and advance to the throne — like Bob Adams, cybersecurity specialist at Mimecast, heard the wisdom of the experts at the Think Tank.

With the goal of establishing industry standards, Adams shared some of those comments so that enterprises can start to develop a strategic cyber resilience plan that considers broad business objectives. Read the cyber reliance report published by Mimecast (pdf) to help with your preparation.

Game of Thrones defense strategies

To further help you create your cyber resilience plan — and get amped up for Sunday’s GoT season finale — here are some additional tips: 

  • Don’t put the onus on IT: Engage leaders across the business — similar to how Jon Snow empowered Sansa to oversee Winterfell while he is away. Maybe that’s a bad example, as Sansa seems to be tempted by the sin of hubris, but there are others who are capable of effective leadership.
  • Communicate, educate and engage: While you don’t want to use ravens to communicate, like they do in Westeros, you need a solid and efficient communications plan within an organization so that you are prepared when one “wild fire” is set loose. 
  • Don’t rely on the perimeter for protection: Businesses can think their organization is safe, as the seven kingdoms once was when the Wall was in its prime. However, much like the Wall, their defenses have been overlooked and neglected over the years. It may have been months or even years since companies have taken a deep dive into their security. When they do, they may find numerous flaws. If a business is not quick to address their weaknesses, attackers will surely exploit them.
  • Expect the unexpected: A concern these organizations should have is what can, and will, happen should a breach occur. They can’t call on the Iron Bank or the Tyrell’s to bail them out. Jon Snow was fortunate to have backups to assist him — twice. Do you have backups? Are you prepared to handle a breach? 

While preparing for potential attacks feels like you are planning for hypotheticals, the threat of a breach is very real. Sure, Sunday’s are reserved for Game of Thrones, but every day in the cybersecurity world is a new day for a new attack. If — like Cersei — you believe the threat is not real, that it’s nothing more than a story, you can’t be prepared for it.

Jon and Daenerys have seen the Night King; they know winter is coming. But House Lannister chooses to rely on a false sense of security. When the threat arrives for you, will you be prepared or will a breach be a catastrophe as large as the dragon fire that wiped out the Lannister’s army?


Kacy Zurkus is a freelance writer for CSO and has contributed to several other publications including The Parallax, and K12 Tech Decisions. She covers a variety of security and risk topics as well as technology in education, privacy and dating. She has also self-published a memoir, Finding My Way Home: A Memoir about Life, Love, and Family under the pseudonym "C.K. O'Neil."

Zurkus has nearly 20 years experience as a high school teacher on English and holds an MFA in Creative Writing from Lesley University (2011). She earned a Master's in Education from University of Massachusetts (1999) and a BA in English from Regis College (1996). Recently, The University of Southern California invited Zurkus to give a guest lecture on social engineering.

The opinions expressed in this blog are those of Kacy Zurkus and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.