The sentry walked along the rampart peering out into the misty darkened sea. Weary from his nightly watch, his feet clumped along the stones of the high fortress wall. He paused as he noticed a distant fragment of the fog swirl and he heard a distinct snap echoing across the water. As he strained his eyes into the haze, a form began to take shape. He saw the flash of fire and then heard the vague boom of a cannon. The ship materialized instantly. He turned and ran along the wall shouting “Alarm! Alarm!” Cannon fire from the ship erupted spewing hot massive balls of lead speeding toward the fortress walls as the first explosion shattered the night.
Such was my imagination roaming as I stood on the walls of Castillo de San Cristóbal in Puerto Rico on my vacation last week. As a military history hobbyist, I love visiting historical sights and the fortresses in San Juan, Puerto Rico (Castillo de San Cristóbal and Castillo San Felipe del Morro) provided me with plenty of revelry. As excellent examples of Spanish fortifications from the 16th and 17th century, the fortresses offered everything you would expect – high stone walls, thick ramparts, cannon emplacements, well placed sentry turrets. As I stood on the massive castle walls, I couldn’t help but think how the original builders must have thought the fortification as completely impregnable. How could anyone breach these walls? However, time marched on, technology changed and seemingly impregnable fortresses have all been at one time attacked and defeated.
In security, we are constantly challenged with this same principle. As soon as some fortification or defense is built (and perceived as impregnable), the game changes and the attackers find new ways around the ramparts. Whether it is new malware, exploiting the human factor or just the pure brute force of DDoS, we read stories of impregnable walls breached every day. What are some of the lessons we can learn from those fortress builders of years gone by?
- The impregnable is never impregnable. History has this lesson upon lesson. What we can learn is that the impregnable is only impregnable at one point in time. Once some defense is in place, the immediate plan on how that defense should be improved, fortified or even replaced must be initiated because the attackers are already planning on how to defeat those defenses.
- The walls will always be breached. There are multiple instances where the reliance on the defensive structure is so complete that the defenders cannot think of any possible outcome other than the attackers being thwarted. (Think Maginot Line). As soon as the walls are breached, the strategy breaks down and the defenders are thrown into complete chaos.
- Protection of the fortification does not equate to protection of the population. Castillo San Felipe del Morro is a great example. In 1625, while under attack by the Dutch, the fortress withstood the invasion. Unfortunately, the town itself was sacked and burned. Great outcome for the generals, not a good outcome for the poor villagers.
Security has to be a constant flow and evolution within an organization. Firstly, security strategies must be fluid and no defense should be considered impregnable. There always must be movement forward to ensure protective and defensive measures are evolving and improving. Secondly, a breach should be expected… anticipated - perhaps even welcomed. Why? Because in today’s digital security world, if you haven’t found a breach, you probably are not looking in the right places or you are blissfully blind to the ransacking going on in your village. And finally, security needs to understand exactly what it is protecting. Understanding and connecting to the business is what will give security the motivation to keep evolving and addressing emerging threats. I pity the soldier that stands safely on the walls of a fortification watching the village burn to the ground outside.