The analogy continues as what was once an amateur game, football has become a serious business with a level of professionalism that footballers would not have recognised 20 years ago.
In turn, todays Chief Information Security Officer (CISO) is facing a threat from professional hackers and cybercrime gangs that did not exist even ten years ago. In both cases, it is no longer a game of amateurs, but instead of highlight trained and often highly resources professionals with a clear goal and objective in mind.
Like a football manager, planning for a CISO is critical, in being able to put himself into the mindset of his opponent and understand their strengths and weaknesses in order to gain any tactical advantage.
Whether on the pitch on in cyberspace it is important to be able to anticipate, visualise and adapt plans to identify and counter any potential threats.
At the end of a match a football manager will analyse the game using video and stats to recognise any weak links or strengths, in much the same way a CISO will look back at the effectiveness of their businesss security to determine what has happened and steps needed to mitigate any risk .
So next time you watch your favourite team play, think of the IT security team at the company you work, or the bank which holds your savings.
Relegation for a football team is bad enough for a team and fans, but failure in IT security can impact share price and reputation of a business so it is even vital to get that right.
But by planning before, during and after, both the football manager and CISO can be confident they have done all they can to prepare for an inevitable attack to come.
Leon Ward is the Director Product Manegement at Sourcefire.
Image source
