It’s autumn again, and for many of us, that means football season! Lots of Americans love watching the game on Sunday and seeing their favorite team battle it out on the gridiron. From the touchdowns to the field goals and the interceptions to the big hits, it’s all thrilling to watch. However, as you resume your football rituals this season, take a moment to draw some parallels between the game and your cyber security strategy. If you haven’t given it any thought, there are a lot of similarities between football and cyber security.
We’ve all heard the best offense is a good defense. This adage is applicable in both football and cyber security. A strong defense is critical in football to keep the other team out of your endzone. Likewise, with cyber security, a strong defense will prevent cyber criminals from infiltrating your network and compromising your personally identifiable information (PII). Having the most robust defense possible will protect your sensitive business data. In the 2021 season, the Buffalo Bills had the best defense in the NFL. So, suffice it to say, you want your cyber security defense to be like the Buffalo Bills.
Consider this. Think of the ball as malware, which makes the offensive players cyber criminals. See the connection? For instance, many NFL teams use the “play action” strategy, where their quarterback fakes a handoff to a running back only to pull the ball away at the last moment to throw it. This falls along the same lines as cybercriminals and email phishing. With email phishing, a bad actor uses a fictitious but authentic-looking email to entice their victim to open an attachment or click a link that installs malware. Both strategies use the same tactic: deception. This trickery lures victims into thinking one thing is happening (like a run play or a genuine email), only to find that some other mischievous action is happening (a pass play or a malware install).
Perhaps you’re still wondering how NFL defenses that work against these play actions can help us understand how to avoid phishing scams. Think about it this way. Defenses in football watch the offensive linemen to determine if a play will be a run or a pass in disguise. If the linemen come forward to open a hole for the running back, then it’s a run. But if they stand straight up and pass block, we know it’s a pass. So, in this same way, when it comes to cyber security, you need to have your senses finely tuned for suspicious emails and determine if they’re trustworthy or if you should delete them. We recommend an acronym to make detecting malicious emails, and it’s called the SLAM method.
As we’ve blogged about before, the letters in SLAM stand for Sender, Links, Attachments, and Message. Anytime you encounter a suspicious-looking email, use SLAM like this:
All we’re getting at here is that if you can find a way to connect something you love, like football, to what will protect your data, you can safeguard yourself from the embarrassment, business impact, and costs associated with a data breach. For more help with shoring up your defenses, training your staff, or seeing what business data you may have already exposed on the Dark Web, contact Athreon for a free security consultation! Here’s to a winning season ahead – on the field and off!