Cisco UK & Ireland Blog

Be more Superhot: Welcome to the Cybersecurity Arcade


The golden age of arcades: what a time to be alive.

From the mid ‘70s to the late ‘80s, the best and only way to while away the weekends and school holidays was to shell out 30p for 50 rounds of Space Invaders.

Whilst I don’t turn my nose up at today’s all singing, all dancing, ultra reality video games that my 11 year old son is mesmerised by, there’s something about the original game format (it’s trendy to call these things ‘retro’ now, I believe) that won’t go away.

When I was at Cisco Live last week I was given the opportunity to re-live my well-spent youth by playing Pac-man.  Those of you who work in cybersecurity will be aware that we tend to like this particular analogy – a big, bad hacker rolling his way through our systems, eating whatever he or she can find.

It got me thinking about how many other arcade games could be used to describe how we try to deal with today’s threat landscape…but unfortunately none of them could cut the mustard.  We need a new and well-defined strategy to defeat the levels of cyber crime that we’re seeing today.

This weekend I happened to stumble upon my son playing a new game on his Xbox: Superhot.  It looks like an arcade game in that the characters are mere 8 bit silhouettes, but the concept is that time only moves when you move.  You are facing adversaries who are firing bullets at you from every side, which means you have to plan your move very carefully…now we’re talking…

For your entertainment and hopefully education, here’s a look at why a traditional cybersecurity approach isn’t working anymore, and why we must now take more of a ‘Superhot’ approach when protecting our businesses against cybercriminals in 2017.

Tetris

Still a favourite, and one which has seemingly made the transition from arcade to PC to smartphone with little denting of its popularity.

Tetris is all well and good at the beginning – the pace is favourable and controllable, and you can deal with the fact that you haven’t seen the long, straight block piece in a while – when it arrives, it will solve all your problems.

A few levels later – and that decision to wait for the straight piece is looking like a worse decision than when Decca Records said to the Beatles at their audition, “Four piece groups with guitars are finished.”

Your heart rate rises, you look at the line-up of shapes about to enter the queue (an S shape and a square shape – utterly unhelpful) and you feel like all hope is lost.

This is how most businesses have built their IT Security – they just keep adding products into their IT infrastructure as they go – and that’s when the gaps appear.  Gaps that hackers who want to set up botnets, deliver ransomware and earn themselves a decent profit, love to exploit.  So much complexity without much overall incremental effectiveness.  Sound familiar?

The key is to have a strategy with solutions that fit and work together, and to do that we must start with products that are built with openness in mind; products that intentionally play nicely with others in the security stack.  That’s what we do with Cisco – it really does increase your visibility into your network, and allows you to deal with cyber threats much more effectively.

Pinball

On paper, pinball doesn’t sound like the most scintillating activity – flicking a metal ball into a scoring zone, using flippers to bounce the ball against different targets.  But just like golf, it’s the levels of frustration which encourage the multiple attempts.

Pinball is what happens when you have all your security on the outside of your network.  Should something make its way through the cracks, it can catapult from folder to folder, infecting anything it touches.

What we need to do is have a plan for when the malware gets in – rather than ‘pinning’ all our hopes on the first shot at defending it.  Quarantine the threat, keep an eye on it, and make sure it doesn’t move.

This is the philosophy behind Cisco Stealthwatch.

Whack-a-mole

The best game if you’ve had a tough day.  Whether it’s moles, crocodiles, or great white sharks, there’s no better feeling than being able to whack it on the head and send it down from where it came (for about 3 seconds).  This game requires a quick eye and swordsman-like timing.

‘Whack-a-mole’ is the reactive way of dealing with cyber threats.  See something bad – give it a whack.

Or, put a box there…

But what if we could see where the moles were coming from, and make sure they never even make it above the surface?

Cisco’s Advanced Malware Protection continues to watch, analyse, and record suspicious activity.  If malware is spotted later, AMP sends your security team a retrospective alert that tells them where the malware came from, where it’s been, and what it’s doing. In a few clicks, you can contain and remediate it.  No more ‘whack a mole’.

Superhot: how it should be

In Superhot, you’re on your own, outnumbered, and bullets are flying at you from every direction.  It doesn’t sound like the situation you want to be in with your cybersecurity, but that’s what we’re faced with in 2017. Thanks to today’s mobile and cloud working environment, where a quarter of internet traffic actually bypasses the corporate perimeter, we are dealing with threats from every angle.

Here’s the key though:

You have one advantage over the figures who are trying to send you six feet under – because you have the time to think about where and when you’re going to move.  Time only moves when you do, which means you can stop mid-run and change direction.

If you have the right strategy, you are always one step ahead.

We need to see where cyber threats are coming from, and be in a position to be responsive – to stop more threats outright, drive down the time to detect them, and mitigate the most advanced threats.  That is what we’re offering to Cisco customers with our architectural approach to Security, which is driven by superb levels of intelligence and automation.

Find out more about how an architecture approach to Cyber Security can make your business safer by recapping the recent, brilliant presentation by Abishek Kumar.

Authors

Phil Goff

SE Manager

Global Security Sales Organisation
