From the Starship Enterprise to Your Enterprise: Eight Cybersecurity Lessons From ‘Star Trek’
Many people in the security industry today grew up watching “Star Trek,” from the original episodes to Next Generation, Deep Space Nine, Voyager, Enterprise and the many other series that followed. In anticipation of the upcoming “Star Trek: Discovery” series, we thought it would be a good time to remind our readers that, beyond the entertainment value, “Star Trek” also provides useful metaphors to help security professionals communicate with executives and fellow staffers.
Eight Cybersecurity Lessons for Your Security Starfleet
When it comes to security, the typical enterprise is really not so different from the USS Enterprise. Without proactive risk management, savvy threat identification and effective incident response, neither a business nor an intergalactic vessel can survive. Below are eight cybersecurity lessons that security professionals can take away from “Star Trek.”
1. The Warp Core
Let’s start with the Warp Core, one of the critical drive-trains of the Enterprise spaceship, without which there would be only limited travel. Instead of going boldly where no one has gone before, the Enterprise would be limited to exploring space within a few light-years of earth.
For organizations today, data is truly the equivalent to the Enterprise’s warp core. Without data, the organization is stifled and cannot accomplish its important mission objectives. However, much like the Warp Core, data, if not properly handled, can also lead to the enterprise’s destruction.
Captain’s log: You need the core, but it’s unstable. Ditch any toxic data that is no longer needed and keep a close eye on those dilithium crystals.
2. The Trouble With Engineering
It seems like in almost every episode, the captain has to call down to engineering to get an update as to what’s broken and how long the fix will take — an advanced form of mean time to repair (MTTR). “Engineering, status report,” says the captain with a tone of frustration, since his ship is stopped in enemy space with no impulse engines to maneuver. Let’s face it: Without engineering’s ability to fix things, the Enterprise is a sitting duck.
Similarly, today’s organizations depend entirely on a different kind of engineering called IT infrastructure. Without IT infrastructure, the organization may as well shut its doors and send employees home, because it won’t be able to process anything or make any kind of forward progress. Of course, IT infrastructure can break on its own when humans make honest mistakes or determined attackers infiltrate the network.
It’s important for organizations to keep their engineering department functioning well and to routinely practice responding to disruptions, whether purposeful or accidental. No captain wants to command a sitting duck of a ship.
Captain’s log: IT engineers empower the organization to move forward. Check on them often and remember to have them practice their incident response.
3. Shields Are Holding — For Now
Along with troubles in engineering, many “Star Trek” episodes saw the Enterprise’s shields go from “shields up at 100 percent” down to shields barely holding in a matter of minutes. Ships need shields to avoid being disintegrated by enemy ships, punctured by space debris or pulled apart by gravitational waves when they fly too close to large planets.
Organizations today use their technical controls as virtual shields of sorts, providing a layer of defense outside the perimeter of the ship. However, much like shields, your technical security defenses may fail and leave you exposed to the elements or, worse, to an enemy ship just waiting for a chance to take on the mighty Enterprise.
Captain’s log: Shields are necessary, but not sufficient. Shields may be here today but gone tomorrow, and they cannot guarantee total protection. Stay vigilant — you might have to declare red alert soon.
4. Sensors and Cloaking Devices
The Enterprise has a full range of sensors. Some provide close-up information while others scan deep space to detect ships and other astronomical objects of interest. In some instances, these sensors even detect the presence of alien life forms. But just when you think these sensors give the Enterprise an edge, you learn about another race of humanoids that has developed cloaking technology. Can you really trust your sensors, or is a pair of Klingon ships about to decloak in front of you?
Captain’s log: You can’t always trust what your sensors are telling you. Stay alert and monitor your internal and external environments for signs of possible intrusions.
5. Status Reports
With every encounter, the captain (be it Kirk, Picard or the many other leaders on the bridge) routinely calls for a status report. In many cases, those reports could be generated directly from the bridge with the help of the sensors and the well-trained bridge staff. Sometimes, however, the captain needs to take a hands-on look at the situation down in the bowels of the ship. Would you trust a junior Starfleet staffer to provide this report? Unlikely. Instead, you’d ask one of your trusted responders to investigate and report back.
Captain’s log: Every incident should be followed by a status report. While you’re at it, elevate the effectiveness of those reports by documenting and communicating lessons learned.
6. Doors Blocked? They’ll Use the Hatch Panels Instead
The Enterprise is boarded by enemies on several occasions throughout the “Star Trek” series. Those who gain control of the bridge cab then use the full power of the bridge’s computers and control panels to launch scans and other nefarious actions at the defending trekkies. Luckily, the defenders know the backdoors and hatch panels, through which they can disappear to behind-the-scenes areas of the ship where sensors and enemies cannot find them.
Captain’s log: Controls can look and feel sturdy, but without regularly testing your hatch panels, you might fool yourself into thinking you’re safe and all your doors are locked. In reality, all an attacker has to do is to pop open one of those panels and move about the organization undetected.
7. You Can’t Escape Gravity
On several occasions, the crew of “Star Trek” finds itself perilously close to being turned into gravitational mush. Sometimes, it is due to failed warp cores; other times, failing stabilizers or shields are to blame. Whatever the cause, the pull of gravity is strong — too strong for a ship in distress to resist with mere impulse thrusters. But gravity isn’t always an enemy: The Enterprise is often able to flee out of harm’s way by slingshotting around a planet or sun.
Organizations today cannot exist without business partners and suppliers. These entities provide much-needed resources to the organization, from raw supplies to revenue streams via business partners. However, these relationships make the continued well-being of the organization highly dependent on those partners.
Captain’s log: Third-party risks are real and should not be underestimated. Even a fully functional organization can be taken down by the cybersecurity risks present in its third-party vendors. Resilience is key. Don’t let third-party gravity bring you crashing down.
8. Mr. Spock Versus Data
Both Captain Kirk and Captain Picard rely on keen aides to help sort things out and, on occasion, to help untangle the human emotional biases of decision-making.
So who would be a better cybersecurity advisor to the CEO: Mr. Spock or Data? Both have sharp minds and are able to separate emotions from situations, even though one accomplishes this by repressing his emotions while the other simply cannot process any emotional undertones. However, as a fan commented, both “filled similar niches in being foils for humanity as a whole, as well as outside observers and commentators on our traits and history.”
Captain’s log: Every CEO needs a Spock or a Data. In this era of monthly breaches, the importance of a good cyber risk advisor cannot be overstated. The ultimate decision is yours, Captain, but at least you’ve been forewarned.