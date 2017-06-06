- log in
- account
For More Cyber Operations Wins, Cheat…
Posted by Chase Cunningham on June 6, 2017
- 4 Recommendations
- 0 comments
Before my last deployment (quite a while ago, thankfully) my unit was training on a variety of tactics to make us all more effective in an operational setting. That’s the long way of saying we were all getting PT'd repeatedly and learning how terrible we were at stopping the bad guys, luckily we all got better as time went on. Anyway...
One of the most valuable lessons we learned from working with the guys in some of the more “special” operational roles was that things shouldn’t be fair.
In other words, the bad guys didn’t play fair…Why should we?
How could we expect to win if we played nice and everyone else was moving with no holds barred?
I literally had a very crusty, very angry Master Chief say to me “if you ain’t cheating, you ain’t trying.”
Then we got PT'd again anyway, thanks to his acute observation of the squad’s failure to move on the threat fast enough, hurray push-ups. But nevertheless, his message came through (many, many push-ups later).
We got very good at cheating. We would do everything from placing sugar packets under rolling obstacles on the obstacle course so they didn't move and we could move faster, or shoving extra ammunition magazines in every conceivable spot on our persons we could find. One guy sounded like he had been eating ammo for his morning cereal he jingled so much when he walked, but he always had rounds long after the bad guys had run out. Once we had the concept down that in an operational setting, the bad guys weren’t playing fair – neither should we; our unit started winning more and taking the heat to the bad guys. By the time we left for deployment we were very good at stacking the odds in our favor and we continued this for the whole of our operational time.
It should be the same way in the cyber security setting. Your team and your security folks should be comfortable with cheating the bad guys out of a win. Can your team set up collection points and bogus assets that can be hacked so you can gain intel on the bad guys, if so then heck yes. Are you able to funnel traffic to a place where you “own” the connections and can “see” everything, then yes. Do that. Grab the chess board and turn it around so you can move the chess pieces into a place where you can game the system, be deceptive, funnel traffic, do anything operationally or technically that gives you the edge, cheat and win.
Use technology that gives your team or organization the upper hand. Inspect all your traffic, use more powerful analytics, honeypot, encrypt everything, whatever you can do to “cheat”. Find some way to be better than the adversary. Don’t play fair, ever. Cheat the enemy out of their tactical advantage.
You can be guaranteed that the bad guys would (and probably are) doing this very thing to your networks, users, and applications. Why the heck shouldn’t you? Cyberspace is a live fire operational environment, it’s a war zone that almost every person and certainly every bit on the planet touches in some way. Accepting that concept and embracing every possible advantage you and your team can come up with is a key to gaining tactical ground, which will lead to a strategic advantage.
You want to win in the cyber battlespace, cheat…
Search Forrester's Blogs
Featured
Predictions 2017
The dynamics that will shape the future in the age of the customer »
Free Webinar
Planning for innovation and risk in the wake of Brexit »
Forrester's CX Index
Predict how actions to improve CX will affect revenue performance.
Measure the customer experiences that matter most »
Analyst Blogs
- Amy DeMartine (1)
- Andras Cser (48)
- Chase Cunningham (5)
- Chris McClean (60)
- Christopher Sherman (8)
- Enza Iannopollo (3)
- Heidi Shey (22)
- Jeff Pollard (4)
- Jennifer Adams (1)
- John Kindervag (28)
- Joseph Blankenship (2)
- Laura Koetzle (2)
- Merritt Maxim (8)
- Nick Hayes (15)
- Peter Cerrato (1)
- Renee Murphy (10)
- Rick Holland (45)
- Stephanie Balaouras (80)
- Tyler Shields (24)
Top Categories
- Cyber Attacks (3)
- advanced persistent threat (2)
- cyber security (2)
- #big data (1)
- CISO (1)
- Corporate Communication (1)
- cybersecurity (1)
- Digital Risk (1)
- encryption (1)
- government security (1)
- See all
Archives
- June 2017 (1)
- May 2017 (3)
- April 2017 (1)
Comments
Post new comment