The Dominos Theory of Cybersecurity
-
21. Okt 2022
-
We’re all familiar with the art and science of domino toppling from our childhoods. You set up dominos on their tail ends and knock down the first in line to create a chain reaction. A successful “run” is the uninterrupted (and gratifying) flow of toppling tiles to the very last one.
On the biggest stages, the most spectacular domino runs involve thousands of tiles, complex patterns and 3D stacking. Engineering success at that scale demands patience, vision and foresight — and a helping heaping of creativity.
Greg Berkin brings those virtues — developed through his passion for domino toppling — to his role as a Senior Advisor with FTI Cybersecurity. Berkin has more than three decades of experience as an application software developer and program manager that includes engineering complex platforms to protect organizations against cyber attacks. The start of his “run” stretches all the way back to 1984, when he founded an educational software company for an emerging company called Apple.
Earlier this year, Berkin’s distinctive skill set earned him an invitation to appear on “Domino Masters,” an unscripted reality show that aired on Fox TV (Disney). Teams of three competed to construct the most elaborate and artistic domino topples. Berkin’s team, the “OG Topplers,” with almost a century of experience, reached the semifinals of the competition.1
The event reinforced Berkin’s thinking about how closely related his avocation is with his vocation. “The skills required in the art of domino toppling have real-world applications,” he says. “I often find myself applying lessons learned from the viral sensation of domino building to my work in cybersecurity consulting.”
Setting Up for Success
You don’t have to be a domino master or a Chief Information Security Officer to know just how critical and expensive cybersecurity has become. Global spending on related products and services is projected to exceed $1.75 trillion cumulatively for the five-year period ending in 2025.2
The FTI Journal asked Berkin to expound further on the connection between the digital world of cybersecurity and the analog science of domino toppling. Here are three of his theories.
Caption: Berkin (right) and his teammates combined for 93 years of domino-toppling experience. Photo courtesy of Domino Masters @Fox TV
Theory 1: Setting Up Your Tiles Before Surveying the Room Is Folly
Experienced domino topplers look closely at the venue they are working in before getting out the tiles. Every space has its own nooks and crannies, and the tools and tricks to pull out for a showstopping run often vary.
The same goes for setting up an effective cybersecurity strategy. Preparing for a cyber attack requires accounting for the nature of a business, the amount and type of information it retains, and local regulatory demands.
Just as each venue makes unique demands on a domino toppler, organizations face unique challenges based on the scopes of their overall digital footprints. Know what makes your needs unique and opt for a tailored approach over cookie-cutter solutions.
Theory 2: Every. Single. Domino. Counts.
A single tile out of place. That’s all it takes to create massive failure in your topple. A single vulnerability in your security system can also cripple your operations and even damage your company’s reputation. In both instances, mitigating risk starts with appreciating the hyperconnected nature of your assets.
Whether creating a topple or a cybersecurity plan, you must recognize that your setup is only as strong as your weakest link, or links. But it’s also important to know that focusing on a single domino in a run that involves a million pieces means you might never get fully set up. Similarly, conducting day-to-day business operations while simultaneously hunting down potential weak points in your system might prevent you from coming in at deadline. Or at budget.
Theory 3: Always Have an Alternate Route to the Final Tile (Prepare for Contingencies)
In the digital world, you can't compromise mission-critical functions; they must run all the time. A successful domino run also needs to be constantly moving, knocking over the next piece in the right sequence.
In both disciplines, you have to prepare for every type of contingency to make sure you're constantly running and you're running reliably. That means having backups and knowing they’ll work if failure occurs elsewhere.
In domino toppling, that involves setting up an alternative path to the finish with additional dominoes that split off so if one path fails the other may succeed. In cybersecurity, that means not only building digital backups into your system, but also simulating real-world scenarios to test resilience and improve your responses to potential attacks.
The Big Picture
Berkin is a firm believer in working collaboratively. Like creating a cybersecurity plan, he says that setting up a massive domino run on your own can be tedious and even inefficient. “While it’s possible to go it alone, of course, partnering with other experts is a key to better engineering,” he says. The domino master adds that it’s easy with cybersecurity to get caught up in the minutia and anxiety of the moment. “You can end up missing the forest for the trees,” he says. “Or maybe I should say, ‘the topple for the tiles.’”
Footnotes:
1: “Domino Masters” Fox TV (Disney). Season 1, Episode 2. (Mar 16, 2022). https://www.youtube.com/watch?v=T5rYwdQO71k
2: Braue, David. “Global Cybersecurity Spending to Exceed $1.75 Trillion From 2021-2025,” Cybercrime Magazine (September 10, 2021), https://cybersecurityventures.com/cybersecurity-spending-2021-2025/.
© Copyright 2022. The views expressed herein are those of the author(s) and not necessarily the views of FTI Consulting, Inc., its management, its subsidiaries, its affiliates, or its other professionals.
About The Journal
The FTI Journal publication offers deep and engaging insights to contextualize the issues that matter, and explores topics that will impact the risks your business faces and its reputation.
Datum
21. Okt 2022
Ansprechpartner
Senior Advisor