Cisco UK & Ireland Blog

Identifying the Rogue One

May 4, 2017

First of all, a very happy Star Wars Day to you, from all at Cisco. May the fourth be with you all as we celebrate the greatest movie franchise of all time.

As stories go, it doesn’t get much better than the one that began a long long time ago in a galaxy far far away.  An intergalactic war breaks out due to some very sensitive inter-family issues, and lasts for decades.

It has spectacle, it has heart, and its killer twist set the benchmark for popular culture for 40 years.

Often copied; never bettered.

However, just as Oasis once claimed, true perfection has to be imperfect. There are a lot of hard to explain, yet very amusing, plot holes in Star Wars. Here are some of my favourites:

  • Vader has no idea that he has a daughter. He can sense Luke’s presence from several parsecs away, but he can’t tell his own offspring when she’s standing in front of him, threatening him with Imperial Senate sanctions. What’s that about?
  • Ben Kenobi dedicates his later years to making sure Vader never finds out about Luke…but for some reason he didn’t think that giving Luke the surname ‘Skywalker’, or having him live with his aunt and uncle in the same house that Vader grew up in, would give the game away at all.
  • The Ewoks, the much maligned pint sized inhabitants of Endor, have a women’s dress that just so happens to fit Leah perfectly.

For me, this is all part of what makes Star Wars great.  We the fans embrace the nitpicky mistakes and love the movies all the more for them.  Remember when George Lucas added the ‘clunk’ sound for the DVD release, on the moment a storm trooper accidentally whacked his head on an opening door?

When it comes to movies, I believe we have to allow filmmakers a certain degree of creative freedom. If we don’t, we will be forever imposing limits on their imagination.

Yes, Frodo could have hopped on one of the giant eagles, dropped the one ring off in the fires of Mount Doom and then be back home again for second breakfast…but where’s the fun in that?

I make an exception however, when it comes to the topic of cybersecurity. Call me capricious, but I just think that if you overlook the basics of cybersecurity when you’re planning a galactic project that will change the course for everyone that exists in the expanded universe, then you’re asking to fail.

I’m talking, of course, about the capturing of the Death Star plans in the latest Star Wars story, Rogue One.

If you haven’t seen this film yet, then beware as there are a few spoilers ahead…

I gleefully took my young niece and nephew to the cinema to see Rogue One when it first came out, and then I went to see it a few times more by myself.

I loved it.  It had a great deal of heart, some wonderful risk taking scenarios, and enough tension to power a tie-fighter.

However, the Death Star plans were relatively easy to retrieve once they were located (as long as you could jump), and for me this just didn’t seem like the kind of oversight that the otherwise cunning and strategic nature of the Empire would make.

For one, the physical security guarding this highly sensitive information was minimal, and in the end Jyn, Cassian and the dry humoured K-2SO didn’t have to do much more than dress in disguise.

For another, why would you store all your important information all in one place? You could have had a field day with the amount of information stored there, even if you weren’t after something specific.

Then there’s the main shield, which was designed to act as the ‘goalkeeper’ and stop information from being transmitted if necessary. It worked to a certain extent, but unfortunately, the shield had another, just as important purpose; it lets ships pass in and out.

So, when the shield was open to let a ship in, anyone was free to transmit any signal they wanted to. That just doesn’t make sense. Your crucial cybersecurity product working only when it’s convenient? That’s a ‘trap’ waiting to happen…

However, the real crux of it came down to the big reveal that the ‘vulnerability’ in the Death star (later exposed by Luke and his fellow fighter pilots at the Battle of Yavin), wasn’t an oversight. It was put there deliberately by scientist Galen Erso.

Whilst a brilliant mind, Galen was never a supporter of the Imperial Empire. Orson Krennic used him for his kyber research abilities, never telling him it was actually being used for weaponised purposes. When he found out, courtesy of his wife Lyra, Galen escaped the Empire and sought to protect his family from their reaches on the remote planet of Lah’mu.

Someone like Galen hardly seems like the ideal candidate to force back to the Empire to help them finish their biggest project; the Death Star. Yet that’s exactly what Krennic did.

Whilst Galen tried to pretend his memory was ‘not as it used to be,’ he was forced to accept his fate after his wife was caught in a crossfire. Jyn, then a young girl, escaped and was brought up by resistance fighter Saw Gerrerra, and ultimately became a soldier in her own right.

Galen meanwhile spent his formative years trying to stall the Death Star’s completion as much as possible, unbeknown to Krennic who must have thought his bullying tactics had worked.

Galen built in the fatal flaw, made sure it was hidden, and then produced a holographic intended to be viewed by his daughter Jyn, revealing that the Death Star plans were hidden on the planet Scariff.

Jyn took the information to the Rebellion, who initially didn’t believe her, forcing Jyn and her newly formed crew to ‘go rogue’.

The Empire seemed to make the same mistake that catches many businesses out these days from a cybersecurity point of view; underestimating the importance of people.

In our 2017 Annual Cybersecurity Report, we revealed that 27% of third party cloud applications introduced by employees into enterprise environments in 2016 posed a high security risk.

This is Shadow IT – the practice of employees using any applications they fancy, without getting the IT department’s approval, and the problem is increasing:

  • 80% of end users use software which isn’t cleared by IT
  • 83% of IT staff admit to using unsanctioned software or services
  • Only 8% of all enterprises actually know the scope of shadow IT within their organisation.

Even if the person introducing the Shadow IT doesn’t have any malicious intent (more often than not it comes from a good place, albeit a naïve one), it can still create huge security vulnerabilities.

Especially if you don’t know how far the problem extends…

Then there are those employees who do have malicious intent. It’s surprising how many companies let their employees walk out the door with their most sensitive information, and don’t change the passwords on whatever programs they had access to.

It all comes down to visibility.

That vulnerability stayed buried in the Death Star for years. Perhaps the Empire was so focussed on their plans for destruction that they didn’t think it necessary to look for problems within. That oversight meant that many stormtroopers didn’t make it back home the night that Luke and his Rebel fighters put a fire in the hole.

I still count Rogue One as a tremendous movie. It’s certainly in my top 4 Star Wars films. I just would have liked to have seen Jyn and her crew facing a bit more of challenge getting hold of the Death Star plans, once they knew where to look for them, and less time on the whole shield/signalling thing.  That just didn’t make sense to me…but feel free to tell me your thoughts!

  • Could you identify the rogue elements in your business that could cause a cybersecurity breach? If not, find out how to improve your visibility and find your security weak points at
  • If you’d like to know more about the current business threats, and how to protect yourself against them, download our 2017 Annual Cybersecurity Report.
Leave a comment


  1. Great article Hazel and good comparison.

    Its good that we give film makers creative freedom to explore ways to portray the things of our imagination.

    Its a volatile combination- the human imagination and technology – look at what the humble Star Trek communicator has become. The Star Trek crew had iPad before they were invented.

    So finally cyber-warfare, dragging our “human faults -greed, lust, envy, hatred, etc” along for the ride of our technological future, we have to be vigilant to protect our beautiful and useful technologies from our human faults, lest they turn against us and be used against us.

    I follow Cisco Talos and am amazed at the design and operation of intrusive programs. If we could only redirect that ingenuity to a worldly beneficial purpose.

    Thanks for your article


  2. Of you ever want to know how Star Wars is ever going to end up…

    Learn the history of the Natchez Indians of Mobile Alabama and Osceola – in one instance under another story he is referred to as SkyWalker.

    He used the same tricks of the mind and while called a Seminole or “One who ran away” – the truth is he never did run away and he was said to have lost his head when his doctor, Dr. Weedon took it away.

    His family lives.

    The Dark Father searched for the boy – Andrew Jackson never gave up and Weatherford was said to be the one looking for him.

    William Weatherford (Guillermo) was the husband of Nancy Fisher (Also known as Seminole – Okla Homa (Kahlioka).

    The Statesman was David Crocket Weaver… Who was famed as Davy Crockett legends that we think of as Tennessee but forget that Tensas (Natchez was Tensas but was named Mobile in 1814 but it’s famous battle of New Orleams was retold to create the Story of the Alamo in Texas)

    Everyone would do well to re-read the American State Papers and Claiborne’s Mississippi and then the Mississippi Archives…

    The Gulf Coast takes the History of the New England down the Plantations that are later called Colonies and are removed and to the North and labeled the State’s we now know today.

    The technology is the Industrial Revolution.

    SkyWalker is Osceola when the story is told in a magazine in about the 1870’s and he has mythical powers over others using mind control.

    The family was hunted and would still be if it was known that the sister of Osceola aka SkyWalker actually survived the birth of the United States and Uncle Sam – from 1814 would spare no expense to ensure the truth was never learned.

    The old Republic and Jedi Knights… Hmm…

    There was such a Republic and there were said to be Bounty Hunters.

    And the Children of the Sun knew no such thing as rest.

    It was faulted to a certain Mr. Weaver for the creation of the State of Oklahoma around 1907.

    However it was a certain Mr. Hudson whom has the Hudson River and threatened the Indian Agent with imprisonment.

    It was the Natchez that was obliterated and made to disappear from history even while the history of Chetaugau aka Chestang was littered across the country.

    The Panzacola Mound was the used for a prison for Gerome Chestang but he was called Geronimo and his people of Apalachee were renamed Apaches and given immortal fame.

    The list goes on.

    Ultimately the land was taken in the early 20th century and the lies now pass for American History.

    Take a look and lol it up.

    The parallels are startling to one who has access to old material before the USA sanctions each State to write or create a history for itself during the run of the 20th Century.

    Sound fictitious?

    Learn more – read the Mississippi History and Claiborne’s Works.

    Maybe George Washington isn’t quite right and DuPont didn’t recollect everything true about that black powder plant or where in Florida his land and paper money truly derived from…