Leon Ward, Director Product Management at Sourcefire
“The analogy between sports and business is one often made, and while a colleague was watching the English Premier League I was struck by the similarities between football and IT security”
In many ways the Chief Information Security Officer (CISO) in a business has a similar job to that of the football manager, preparing his team for whatever his adversary will throw at him.
The analogy continues as what was once an amateur game, football has become a serious business with a level of professionalism that footballers would not have recognised 20 years ago.
In turn, today’s CISO is facing a threat from professional hackers and cybercrime gangs that did not exist even 10 years ago. In both cases, it is no longer a game of amateurs, but instead of highlight trained and often highly resources professionals with a clear goal and objective in mind.
Like a football manager, planning for a CISO is critical, in being able to put himself into the mindset of his opponent and understand their strengths and weaknesses in order to gain any tactical advantage.
Whether on the pitch on in cyberspace it is important to be able to anticipate, visualise and adapt plans to identify and counter any potential threats.
At the end of a match a football manager will analyse the game using video and stats to recognise any weak links or strengths, in much the same way a CISO will look back at the effectiveness of their business’s security to determine what has happened and steps needed to mitigate any risk .
So next time you watch your favourite team play, think of the IT security team at the company you work, or the bank which holds your savings.
Relegation for a football team is bad enough for a team and fans, but failure in IT security can impact share price and reputation of a business so it is even vital to get that right.
But by planning before, during and after, both the football manager and CISO can be confident they have done all they can to prepare for an inevitable attack to come.