Get Big Game Ready with Pro Football Tips For Cybersecurity Pros

Written By Yehuda Kirschenbaum

Football is a strategic and dynamic sport, very similar to the world of cybersecurity. To help get us ready for the big game this Sunday we rounded up some of Tomás Maldonado’s, CISO of the NFL, football-related tips for professionals in cybersecurity. Along with his posts, we shared some additional and important security insights:

1. Setting the Strategy

Our take: Provide the board with the right information in order to develop a suitable coaching relationship. The true power in the data is that it allows for effortless communication and accurate judgments. Communication is key when it comes to coaching a football team and also strategizing with the board, so quality data should be an essential resource that you and the board can access in a clear and concise format.

2. Red Zone Defense

Our take: The red zone is one of the most valuable areas of the football field. Defenders in the red zone have a huge responsibility and take pride in protecting it in the same way that CISOs, the protectors of critical assets and data, valiantly and proactively defend their space. Like the red zone, sensitive data and critical assets command a higher level of attention to every detail to ensure they are safely guarded. Tightening your defenses can mean many things regardless of if you're on the field or the computer, but the main idea is to be prepared and that's a great way to proactively and straightforwardly approach a task.

3. Huddle Up

Our take: Huddles are practically useful and boost morale as well as unity. They are practically useful because everyone is assured that they have the same overall instructions. This allows for smooth collaboration and communication. Accompanying a huddle is often a sense of pride and ambition which are great qualities to inspire in your team. When working as a whole coordinated and collected team, cyber safety can be more easily within reach. 


4. Fourth Quarter Defense

Our take: Vigilance means its game time all the time. It is always the final quarter when it comes to cybersecurity because the attacker always has the first mover advantage. Keeping your team in position and ready to defend will help you stay protected. Vigilance can seem tiring, but If you act with the intention that you refuse to be caught off guard, you can be more relaxed knowing that your assets are safer.


5. Avoid Costly Fumbles

Our take: Handling sensitive data with care involves encryption, access controls, and more. Avoiding fumbles is the goal but not the reality. The reward of peaceful protection is worth the hassle so try to ensure that you and your team are cognizant of classic and easy to make fumbles as well as obscure ones.


6. Be an MVP

Our take: In order to become an MVP you need to outwork your opponent, have strong leadership and be prepared for everything. You can become the ‘MVP of your digital assets’ by studying trends that will help you stay ahead of the curve. You will be less likely to be caught off guard by unfamiliar attacks. Unfamiliar attacks can send the team into a panic. You can be the guiding, steady light that illuminates the nature of the attack and how to respond. Along with this comes the tip to be the ‘first line of defense.’ The small and quick tasks that were mentioned above have disproportionately large rewards as you will feel and be much safer. Overall, these practices can speak for themselves, but sharing your thoughts on cybersecurity can be inspirational and motivating for you and others on your team. Then, your team members may feel more inclined to share information that they know regarding security that you may learn from. This will lead to positive friendly thoughts and a largely knowledge-based environment.


7. Robust Defensive Playbook

Our take: Planning ahead is great for winning and protecting assets. Documenting your plans makes it easier to access and share the information and therefore makes the plan easier to execute. Thinking about learning about and teaching cybersecurity to people in your life as ‘training’ is very exciting and creative. It can make the difference in how much effort you put into it or even if you inspire others to join your effort. Following this logic, conducting drills can be presented as a game or contest. Its important to try not to let your plans age past their use date because then you may have to start over from scratch. Update often as you proceed throughout your weeks so that your plans can grow and thrive with you.


8. Self-scouting and analysis

Our take: Football teams analyze their game footage to notice weaknesses in their execution. Cybersecurity teams can (and should) also be audited. Making sure your security strategy is strong is a strenuous job. The listed tips above are very helpful for organizing the different concerns a CISO has to keep in mind.

9. Keep the Offense Guessing

Our take: Updating your strategy is paramount to staying cyber-secure. Keeping threat-actors guessing is an ambitious goal. Striving for this is a great way to stay ahead. If you do reach a point of enigmatic cybersecurity, remember to still be vigilant (referring to tip 3 😄).

While the last game of the NFL season is this Sunday, there is no off-season for security threats and bad actors. Strengthen your cybersecurity program with the Onyxia Cybersecurity Management Platform.

From Reactive to Proactive to Predictive.

Yehuda Kirschenbaum
Previous

What Is Cyber Defense Planning and Optimization (CDPO) and Why Is It Important for Security Leaders?
Next

The Top CISO Stories From Around the Web: January