Cyber Security Lessons - Series Introduction
When we focus internally on our own industries we often become blinkered and fail to learn lessons from other sectors. With Cyber Security lessons it is crucial we broaden our horizons and look to external resources to find commonalities. Not only that, but it is fun to combine our passions with our day jobs.
Previously I looked at the world of Formula One and how key aspects of the sport have important Cyber Security lessons and today, I will be exploring the equally fast-paced sport of mountain biking racing.
"...doing it differently which can be 10x better"
Inevitably there will be many similarities in lesson topics across these however the value is not just in the difference. It is also in how they approach addressing these topics and the challenges they each address.
Five Cyber Security lessons from Mountain Bike Racing
Mountain bike racing and the world of cyber security may seem like very different fields, but there are actually several lessons to be learned
Preparation is Key - Cyber Security Lessons
When it comes to mountain bike racing preparation is at least the most important activity. If you include planning into preparation it becomes clear why. Without a plan you can engage in all sorts of misdirected activities that will ultimately net little or no benefit. They can even be detrimental if they cause injury. As in mountain bike racing, preparation is key in cyber security. Having the right plan, tools, processes and team in place before an incident occurs can make all the difference to the outcome. Equally, appropriate preparation will enable the creation of a strong security capability that will significantly reduce the risk of a breach.
In mountain biking I have to look at my technical preparedness and my physical fitness. Supporting this requires ensuring I ride technical trails, that I increase strength in the gym and that my nutrition is on point. All of these elements work in unison to create the best possible outcome. From a Cyber Security point of view this means ensuring that the team have the skills required, that the team is appropriately resourced and that they function as a team.
Focus and Awareness
In mountain bike racing, focus and awareness are necessary to navigate the terrain and avoid obstacles. Failure to be focus and be aware of what is going on around you can see you go into a corner too quickly. The outcome of this can see the rider pancake into a rock or smack their head into a tree and wake up with a concussion (Yes I have done both). Or you might miss the snake on the trail in front which isn't fun either. Similarly, in cyber security, focus and awareness is critical. Focus on the ultimate goal of preventing breaches is aligned with focus on finishing the race in Mountain Biking. Awareness of the internal and external business and security variables is vital in identifying potential threats and vulnerabilities.
In Cyber Security external variables are pretty obvious, albeit ever changing and extremely challenging. Internal variables can include nefarious insider behaviour but also internal behaviour that unintentionally creates risk. This can be poor cyber habits of users however can also occur when the needs of the business conflict with strong Cyber Security hygiene practices. Cyber Security Teams must be aware of these variables by being aware of business direction, objectives and goals.
Risk Management - Cyber Security Lessons
Mountain bike racers are trained to take calculated risks, balancing the potential rewards with the potential consequences. In cyber security, risk management is also essential to balance the need for access and usability with the need for security. This can see tension between the needs of the business and the security team. One of the best ways too overcome this is through ongoing education and awareness regarding Cyber Security Risks for all levels within the business. Certainly not least Exec and Board Members.
Collaboration and Teamwork
In both fields, collaboration and teamwork are important. Mountain bike racers often rely on their support crew. Such as coach, physio and training partners. Cyber Security teams need similar support.
Coach: Someone to ensure the teams activities, both individually and collaboratively are appropriately focused and resourced. Some of this support can come from internal resources as part of the team however a 3rd party view or short-term resource to fill a hole can also be invaluable.
Physio: Someone to ensure that each individual in well supported to ensure they can delivered thier best as a member of the team
Training Partners: Team members who challenge but support each other, mentor others, pitch in when required and contribute to a generally positive 'vibe' within the team
Continuous Training and Education - Cyber Security Lessons
In both fields, staying up-to-date with the latest developments is crucial. Cyber threats are constantly evolving, and mountain biking techniques and equipment are always improving. Continual training and education are necessary to stay competitive and effective.
By applying these lessons from mountain bike racing to the world of Cyber Security, organisations can better prepare, manage risk and work together to protect their assets and data.
Please provide feedback and if you haven't already please subscribe to this newsletter and share it with a friend. The next lesson for Cyber Security will be from the world of Gaming.
Mark Williams - Founder - www.quigly.com.au