Security

Cyber Lessons from Star Trek Beyond

By Special Guest
Rob Sadowski
  |  November 02, 2016

To most people, Star Trek movies may seem like basic escapist material – a crew’s adventures in deep, far-away space. However, like many epic tales, they also offer perspectives that are relevant to other domains. The movie series that resumed this summer with the debut of Star Trek: Beyond offers several lessons about the way today’s enterprises should approach cybersecurity.

Today’s advanced threat world may have seemed far-fetched even to Gene Roddenberry when he created the Star Trek TV series back in 1966. It would be decades before people started stressing about hacks on PCs, cell phones, or the cloud. Man hadn’t even taken his first small step on the moon. But wisdom relevant to threat detection and response was there in each episode, percolating under the surface. And it’s certainly there in Star Trek: Beyond.

Putting It in Context

Let’s explore this idea of threat detection in Star Trek in context vs. another popular sci-fi franchise. In each of the seven Star Wars movies there is pretty much one threat. The threat goes by different names – the Galactic Empire, the Trade Federation, the First Order – but there’s always a clearly defined enemy or adversary in a conventional good vs. evil story.

In Star Trek the threat is much less defined. The Starship Enterprise crew is on an exploration mission – to boldly go where no man has gone before. Members of the crew have no idea what’s out there from episode to episode, from movie to movie. The threat they encounter might be a force of Klingons or Romulans, a shape-shifting monster, or a mind-bending alien being. Or they might encounter a weird force of nature that wants to be friends. The point is, the Enterprise is forging ahead into the great unknown, so the crew needs to be ready for anything.

Which scenario sounds more like the one today’s businesses face?

If we lived in a Star Wars world, organizations could spend all their time designing a cyber defense against our known enemy. If we know our enemy, and know their tactics with a high degree of certainty, we can design effective defenses to stop them from breaking in. That’s what organizations in our world did for years – building robust preventive, perimeter defenses with some success.

But we don’t live in a Star Wars world anymore. We live in a Star Trek world, where enterprises (there’s that word again) are under constant threat of attack. Companies operate in borderless IT environments that resemble space – with no physical perimeters. They embark on their own missions, boldly searching for new customers, traveling into new markets, and doing so with the aid of new technologies like cloud, SaaS (News - Alert), and mobile. They are well aware that they face threats, but the enemies out there are getting more clever and more focused than ever. Enemies change their tactics abruptly and arbitrarily. Today’s enterprises need to be just as clever, just as focused, and always open to changing strategies.

The problem is, many companies today are deploying Star Wars defense strategies in a Star Trek world. An RSA survey released earlier this year showed that companies continue to underpin defenses by investing in preventative controls rather than more effective detection and response technologies. Essentially, they’re building force fields rather than trying to spot the attackers who have breached their perimeter defenses.

The Star Trek franchise offers other valuable lessons to use in our cybersecurity plans. Here are a few.

Using Analytics

The Enterprise crew has always been big on information. Whenever the ship encounters a new situation, it beams down a few members to observe the potential enemy, gather data, and report back to the ship. Smart people (usually Spock) analyze this information, and the leadership (usually Kirk) makes a measured, strategic decision about how to deal with the threat.

Today’s enterprises need to know their enemies and understand what kinds of threats they pose. They can use analytics to detect patterns of behavior – like who’s trying to access what systems, when, and for what purpose. They can deploy more sophisticated systems to better gauge the risks certain parts of the organization face.  

Acting Quickly

In a Star Trek drama, time is always of the essence. The crew always needs to figure out a situation and react fast to make sure the ship doesn’t explode or a black hole doesn’t swallow up everything around it. Everybody’s focused on the task at hand. And they’d better be, because the TV show ends at the top of the hour.

In the midst of a compromise, you’re dealing with a different kind of ticking time bomb. Every minute an attacker prowls around inside your network, he’s closer to accomplishing his objective of accessing and exfiltrating critical information. You have no time to waste. Problem is, research shows companies aren’t equipped for these situations. The same threat detection survey referenced earlier shows that only 8 percent of organizations feel they can detect threats very quickly and only 11 percent feel that can investigate threats very quickly.

Changing the Game

In the Star Trek movies, Starfleet cadets take a test at the Federation’s academy. They are presented with an impossible scenario to see how well they react under pressure. Nobody had ever successfully solved the problem until Captain Kirk came along. He solved it by changing the rules of the simulation. Essentially, he cheated. His response was that he had to do what he had to do to win.

These days, cyber adversaries don’t play by the rules. They are living, thinking human beings, which makes them adaptable and creative. They have a target – no prescribed path to get there, no pre-conceived notions, and a virtually limitless number of ways to get there. Adversaries change their tactics constantly, so enterprises need to do the same. Enterprises can play by the old rules, and get outwitted, or they can change the game by constantly evolving their cyber protection strategies.

If you head to the theater to watch Star Trek: Beyond, of course, feel free to get lost in the story, the CGI (News - Alert) effects, or the interplay between the characters. It’s a movie. Movies are entertainment, and the recent run of terrible headlines in our all too real world makes us all want to escape, at least for a couple of hours.

But, as you jump on board with the crew and vicariously explore new galaxies, try to keep one eye out for cybersecurity lessons playing out on the big screen. Five decades after Star Trek first entered the public consciousness, it’s interesting to ponder the ways the sci-fi franchise, and society in general, are adapting to our unpredictable, scary cyber universe.

Rob Sadowski is director of marketing at RSA (News - Alert) (www.rsa.com), the security division of EMC (www.emc.com).




Edited by Stefania Viscusi
blog comments powered by Disqus