What the Spartans Can Teach Us About Cybersecurity
Almost 2,500 years ago, Leonidas and his force of roughly 7,000 Greek soldiers battled against Xerxes and his Persian army numbering in the hundreds of thousands. The Greeks held off the Persian army for seven days at a mountain pass named Thermopylae, providing critical time for Athens to be evacuated and for Greece to prepare for a final confrontation with Xerxes. The story of Leonidas and his Spartans has served as the inspiration for countless books and movies, including the popular “300,” and while the story provides great fodder for entertainment, it also contains lessons that can be applied today in the war against cyber threats. The mountain pass that constricted the enemy’s larger force, the traitor (insider) who ultimately helped Xerxes defeat Leonidas, the evacuation of Athens, and the planning that led to Xerxes’ ultimate defeat can all be related to the defense, and ultimate defeat, of cyber threats.
The Mountain Pass
The first and perhaps most obvious analogy involves the narrow mountain pass and its value to a defending force. Historical documents describe the mountain pass as an area between a cliff and the sea only wide enough to fit a cart through in some places. From a network security perspective, the comparisons that come to mind are a next-generation firewall, a web or email gateway, or a cross domain solution. These devices form the nexus point where attacks against a network can be defended most effectively. While network security devices provide some basic protection against threats, they also serve as a force multiplier for cybersecurity solutions - just as the pass at Thermopylae did for Leonidas’ significantly outnumbered forces. By considering human behavior and the human point of interaction between people, critical data and intellectual property as part of cyber defense, a traditional network security system can be transformed into a component of an effective cybersecurity solution.
The Malicious Insider
During the first two days of the assault, it is estimated that the Persians lost up to 20,000 men. By all indications the Greek force was holding its own, and the Persians were reported to have been utterly perplexed. At the end of the second day the Persians received an unexpected gift. A traitor named Ephialtes, seeking a reward, brought inside information to the Persians about a parallel passage that would allow their forces to encircle the Greeks. The actions of Ephialtes provide us with an example of the potential for damage that an insider threat represents. Insider threats are not always malicious; however, their intent does not negate the potential for catastrophic consequences.
The 7,000 men who defended the pass were not simply a rag-tag group of disorganized soldiers. Leonidas’ force consisted of soldiers from several different Greek city states in addition to his own Spartans. The Phocians, guarding a path above Thermopylae, saw the Persian forces moving along the parallel path to outflank the Greek main force. A runner communicated this back to Leonidas, enabling him to make a command decision that allowed thousands of his men to retreat and fight another day. By way of comparison, within a cybersecurity context we can draw the conclusion that access to information on human behaviors, and their interaction with critical information systems, is essential to effectively combating cyber threats that may occur anywhere at any time. As companies increasingly look to the cloud to save money and expand business, the increase in attack surface requires both on-premises and cloud cyber defenses to work in concert.
Forcepoint’s firewalls, gateways, cloud security and cross domain solutions create a secure nexus that acts as a force multiplier for our comprehensive suite of security technologies including our unrivaled Insider Threat and Data Loss Prevention products. Our solutions provide the narrow mountain pass and the peerless soldiers to defend it. This approach is only possible through integration of these technologies and together they provide a solid foundation from which an organization can effectively counter complex cyber threats.
In the end the Greeks repelled the Persian invasion through superior tactics and decision making. Within the realm of cybersecurity we must draw upon these valuable lessons from the past. We must address the blind spots in our security solutions, including the possibility of insider threats. We must implement holistic solutions, keeping in mind that humans are at the core of all information systems, as we work toward the ultimate goal of enabling intelligent defenses in the war against cyber threats.