The Best Offense is a Good Defense

By in
The Best Offense is a Good Defense

For most of us, fall means one thing: football season! Most Americans enjoy watching their favorite team battle it out on the gridiron every Sunday. The touchdowns, the field goals, the interceptions, and the big hits. There’s a lot of excitement going on. As you watch the game, we ask that you consider how it compares to a strong cybersecurity strategy. You may be wondering what we’re talking about now. What is the connection between football and cybersecurity?

There is an adage that says the best defense is a good offense. It is true for both football and cybersecurity. You need a strong defense in football to keep the opposing team’s playmakers out of your endzone. For cybersecurity, you need a strong defense so that cyber criminals do not get their hands on your personally identifiable information (PII). To protect your data, you need the strongest defense possible. The Buffalo Bills had the best defense in the NFL last season. In other words, you want your cybersecurity to be like the Buffalo Bills.

In this context, football and cybersecurity make even more sense if you visualize the ball as malware and the offensive players as cyber criminals. Many teams use the “play action” strategy, in which the quarterback pretends to hand off the ball to a running back, only to throw it away at the last second. It is similar to the cybercriminal technique of phishing in which a criminal sends a fake email that appears to be authentic but leads to malware when clicked on. They both rely on deception to trick their victims into thinking one thing (a run play or a normal email) only to have a different and damaging outcome (a pass play or malware infection) happen instead.

Is it possible that NFL defenses can teach us how not to fall for phishing attempts by working against these plays? Yes, they can! In order to determine if a play is a pass or a run, defenses will watch the offensive lineman. When the linemen open a hole for the running back, it’s actually a run. When they stand straight up and pass block, it is a pass. The same thing applies to determining whether a suspicious email is genuine. There’s even a fun name for it, it’s called SLAM.

The SLAM acronym stands for Sender, Links, Attachments, and Message. If you receive a suspicious email, you should check the sender first. Verify that the email address is correct and does not contain any spelling errors. If it’s incorrect in any way, you’re probably being phished. Hover over any links in the email to see where they lead. Do not click on a link if what appears does not match the name in the link or if it looks suspicious. You should never open attachments from unknown emails, they may contain dangerous malware. You should double-check with the sender if anything seems off (or phishy), even if it comes from someone you know. Lastly, check the message of the email for any spelling or grammatical errors.

If you can find a way to link what you love to what will protect your data, that could be what saves you from a breach.