The cool air of October brings with it the hype and pageantry of baseball playoffs and our minds wander to Earnest Thayer's story of Mighty Casey at the Bat. We at G2 Ops see all too often a strong parallel between Mighty Casey and the Chief Information Security Officers (CISOs) of businesses small and large - often confident, but too often not prepared or resourced to deal with today's cybersecurity threat landscape. Does your CISO have the full support of the C-Suite? Have they deployed the critical security technologies and processes required? Or could the following tale of woe describe a day in the future life of your organization?
The outlook wasn't brilliant for ACME Air that day:
Flights stood grounded in Austin, Philly and Green Bay,
And then when Comms shrugged his shoulders, and Ops did the same,
A silence fell upon the board, as they looked for someone to blame.
A straggling few grew in deep despair. The rest
Clung to the hope that network security would overcome this horrible test;
They thought, "It's up to CISO to answer our prayer--
We'd put up even money now, that CISO would get our planes in the air."
Backups were daily, and firewalls did stand;
But the former had not been checked, while the latter had been outsourced to Kazakhstan;
So upon many a blistering tarmac our fleet of airplanes did rest;
For operations could not continue until CISO stopped this pest.
From five thousand employees and more there rose a lusty yell;
It rumbled through our servers, it rattled in our dell;
It had came in through a backdoor and dismantled the ACL;
For CISO, mighty CISO, could only save us from this hell.
There was ease in CISO's manner as he stepped into the space;
There was pride in CISO's bearing and a smile lit his face.
And when he settled his glasses upon the bridge of his nose,
No security professional in the crowd could doubt 'twas a formidable foe.
Ten thousand eyes were on him as he set about his data mining;
The digital bandit was sly, it had been for some time that access had been declining.
While the foe was set on disruption,
Defiance flashed in CISO's eye, a sneer set against this corruption.
The cloak-covered script came hurtling across the fiber,
And CISO stood a-watching the mighty attack in cyber.
Close by the security expert, yet unheeded, the exploit sped--
"Defense in Depth," pleaded CISO. "Account Balance Depleted!" the display read.
From the boardroom, black with suits, there went up a muffled roar,
Like the beating of the storm-waves on a stern and distant shore;
"Kill the routine! Kill the routine!" we are under attack;
And it's likely they'd have succumbed, had not mighty CISO pushed back.
"Make it quit!" shrieked the maddened execs, "Make it quit",
But one scornful look from CISO and the Board was made to sit.
They saw his face grow stern and cold, they saw his muscles strain,
They knew that CISO wouldn't allow that malicious code to make any additional gain.
The sneer is gone from CISO's lip, his teeth are clenched in hate,
He pounds with cruel violence his fingers upon console gate;
But the villain has prepared his next trojan, and now he lets it go,
Eardrums were shattered by the bloody scream of the mighty CISO yelling NO!
Oh, somewhere in this favored land, airliners are in flight,
And passengers move from here to there, and somewhere a brand is bright;
In that place executives are perennially laughing, and profits always sprout,
But there is no joy in ACME Air -- for cybersecurity planning had been lacking, and the mighty CISO has timed out.
This blogger graduated from Goldman Sachs' 10,000 Small Businesses program. Goldman Sachs is a partner of the What Is Working: Small Businesses section.