What can Game of Thrones teach us about cyber security?

As season seven of Game of Thrones (GoT) wrapped up, fans waited with baited breath for the final showdown between the living and the dead. Watching Jon Snow and his allies prepare their forces for the impending war, I couldn’t help but see similarities between the defences of the Night’s Watch and those of cyber security teams in the real world.

The Night’s Watch is a sworn brotherhood of unsung heroes united to keep the Seven Kingdoms safe from the unknowns of Westeros’ northern border. More specifically, it’s their duty to defend The Wall from invading forces of White Walkers, wights and wildlings from beyond; similar to the responsibilities of today’s cyber security teams of keeping corporate data safe from malicious cyber attackers.

Here are three things we can learn about cyber security from The Night’s Watch.

Beware of zombie accounts

In season one, the bodies of two missing Night’s Watchmen are retrieved from the haunted forest just beyond The Wall, and are brought back to Castle Black. Once night falls, one of the bodies reanimates as a wight, and attacks Jon Snow. It’s not until Jon sets the wight on fire that it’s finally put to rest for good. The lesson here is that just because an employee has left, it doesn’t mean their digital account isn’t a threat to security. OneLogin’s recent research finds that over half of ex-employees still have zombie accounts that can be used to access corporate apps and data that can be leveraged at their will. Hence, cyber security teams need to metaphorically “burn the bodies” or use automated provisioning tools to ensure former employee’s zombie accounts are deprovisioned before they even step out of the door, or the castle grounds.

Take potential threats seriously

If the Lord Commander of the Night’s Watch is the CSO of Westeros, then the King of the Seven Kingdoms is the CEO.

A consistent frustration in GoT is how the great families of Westeros childishly squabble amongst themselves while the real threat of the White Walkers continues to rapidly grow beyond The Wall. Despite the Night’s Watch’s requests from the leaders of the seven kingdoms for more resources to defend The Wall, they are not always at the top of the priority list– are you starting to see the similarities? If you’re part of an IT team, I’m sure this point especially rings true. The southerners believe that White Walkers are just a myth. And even if they did exist, The Wall (perimeter security) would be enough to stop them. Tragically, the hubris of leaders south of The Wall is sure to cost the Seven Kingdoms dearly in the great war to come.

Similarly, in the real world, it’s critical for organisational leadership to make the necessary investments to defend against increasing security threats as soon as possible. Although you may not see a threat or assume its likelihood is low, the threat still exists. To assume that your organisation is safe because you have a wall at the edge of your kingdom of ice, fire, or otherwise is a risky state of being.

Currently, only a quarter of board members see cyber security as their top priority, despite the fact that cyber-attacks are rapidly becoming a greater threat. Even worse, over half of board members find difficulty understanding security risks vs. other risks (legal, financial, etc.), and find security reports to be too technical. This suggests an inability to fully comprehend — let alone address — cyber security risks. Thus, companies would be well-served to use technical understanding as a hiring criterion for board members.

Everyone has a part to play

It’s not just the job of Night’s Watch, or your cyber security team, to secure the domain; it’s everyone’s job.

Throughout the first few seasons of GoT, viewers are constantly reminded of how ill-equipped the Night’s Watch is. The Wall is supposed to be manned by thousands of seasoned knights distributed amongst The Wall’s 19 castles. Unfortunately for the Seven Kingdoms, only a few hundred untrained boys and criminals are posted at three of The Wall’s castles - each with scarce food, resources and weapons.

By the time, Jon Snow becomes King in the North, it’s apparent that The Wall won’t be receiving more men from King’s Landing. To account for this, Jon takes an “all-hands-on-deck” approach to fortifying The Wall. He enlists help from the wildlings and several Northern families. He commands that anyone who can hold a sword be trained to fight - including young boys and girls. The Northern Lords reluctantly agree to this because they understand that everyone’s lives hang in the balance and everyone has a part to play. Key takeaways from King Jon’s leadership: One, he’s not so naive to believe that The Wall is impenetrable. Two, he understands that people are the most important defence against outside threats. And three, Jon knows that training all able-bodied subjects to defend themselves is key to security.

Proper policies and training are key to any cyber security strategy. Every organisation’s security team only has a finite amount of time and resources, which means everyone, from marketing to sales to customer support, must take some responsibility. All employees should be trained in how to utilise password best practices, like using passphrases instead of shorter passwords, keeping passwords secure (i.e. not writing them down), and not reusing passwords for multiple accounts.

Employees should also know how to identify and respond to common threats like malware and phishing emails. This last point is critical, since phishing emails are the #1 method of delivering malware, and the vast majority of organisations have been targeted by phishing.

Alvaro Hoyos, CISO at OneLogin
Image Credit: BeeBright / Shutterstock