SPHERE Insights is an ongoing column written by various members of the SPHERE team, highlighting unique viewpoints and expertise. This inaugural article comes to us from Security Analyst and Starcraft aficionado, Noel McCormick.
One of my favorite game series is Starcraft. Growing up, I’d stick to the family computer like glue and wreak havoc on the warring tribes in this virtual world. Starcraft is a strategy game, so several elements need accounting for:
- Map Exploration – Gathering intel on the map (environment) and your enemy, while keeping your secrets safe.
- Base Building – Choosing where you’ll build your base and defend it and where you’ll place elements of your base.
- Workers – Deciding where to assign your workers (resource collectors), and how many you need.
- The Enemy – Strategizing how and when you’ll attack them.
Very similar to a game of Starcraft, organizations need to understand the map. Understanding the environment and who shares it with you is incredibly important. Where and what structures you’ll build are quite important. Deploying a legacy router with known vulnerabilities outside a Firewalled network…that’s just asking for trouble! Commanders need to know what their workers (AKA employees) are up to, and their level of access. Lastly, you need to figure out how you’ll lay waste to the opposition but keep your troops (assets) safe.
Study and Research
As you can see, Starcraft strategy is symmetrical to cybersecurity, and the role of a Security Analyst. Securing your assets in an ever-changing technological landscape is a challenge….and for those of you who’ve played Starcraft, you know the game is full of its own set of obstacles. If you want to be successful, you’ll look into what each worker is responsible for. You’ll seek to understand the purpose and placement of each building and resource. If you’re lacking resources, how can you make your current repertoire work for you?
The Developers consistently crank out tweaks to the game. These tweaks range from character stats and game-stability to new maps. You’ve got to be willing to learn, adapt and run with the gamechangers. I’ve subscribed to what feels like TOO many tech news sites in order to stay current, and have updates emailed, too. The lesson to remember here is: be open to curveballs and learn their trajectory.
Thinking strategically is important, but so is creativity. Knowing the facts are important, but innovation and standing out is key. I’ve surprised many fellow online gamers by sending all my workers to take out the opposition early game (don’t do this in real life!). The result of brainstorming and presenting your ideas often yields surprising but pleasant results. There are multiple paths to the objective allowing you to spread your wings a bit.
You don’t have to Starcraft alone – you’ll often go to war with teammates by your side! Communication is key and bouncing ideas off of your comrades is conducive for victory. Your teammates often appear in the form of clients. Converse at will – get to know them, their organization and how you can lend a hand. Being technologically savvy means nothing if you can’t voice or receive communications.
So what does Starcraft have to do with cybersecurity? Quite a lot, actually. If you’re a gamer like me, you may understand the layers of strategy involved in intelligence gathering, assessing environments, collaborating with peers and resolving issues as they arise. That’s not only a good Starcraft methodology, but an effective approach to cybersecurity.