Image for post
Image for post

The Cyber 11

For the start of new football season in Scotland, let’s have a bit of fun, and create our perfect cybersecurity team. We have 11 players for our first team, and now need to define the positions of the 10 out-field players. I would say the perfect formation could be 3:5:2:

  • 3x Risk Analysts (Defence). Defence is solid, and they stay at the back and never stray forward, while communicating continually with their midfield and attack. They continually listen to their goalkeeper, too, and try and identify gaps in the team’s formation. The manager continually shouts orders at them, and they must then listen, but are good solid and dependable players.
  • 5x SOC (Security Operation Centre) Analysts (Midfield). The midfield is able to pick off attackers as the move forward, and also feed the attack. They have done their homework on the opposition and know exactly the types of attacks that they will mount, and are well drilled in coping with these. When required the midfield will move back into defensive positions and create a solid wall of defence in teaming up with the Defence. Their workload is much higher that the defence and attack, and spend a good deal of their team running around after the ball.
  • 2x Threat Hunters (Attack). The attack is able to move back into midfield when required, but will burst out into attack and probe the opposition’s defences. They often shout back at the defence if they feel like the opposition are changing the tactics. Unfortunately they can day dream a bit and fail to pick up passes, but when required, they will stick the ball in the back of the net.

The SOC Manager will keep them all focused, and at half-time will get the team in, and tell his strikers to stop the other team from mounting too many surprise attacks, and to make sure they we are keeping their midfield and defence up-to-date on the tactics that the other team are using.

And what about the goalkeeper? Well, ultimately it is the CIO/CISO who is responsible for the last line of defence. If they let in too many goals, they will get sold onto another club.

And the substitutes? Well, three more SOC Analysts (just in case we get attacked too much), a new CIO/CISO (in case we loose too many goals and they have to go off injured, or we put them on gardening leave, or they just run off the pitch), and, of course, two Incident Responders (to probe why we are losing so many goals).

Enjoy the new season!

ASecuritySite: When Bob Met Alice

This publication brings together interesting articles…

Prof Bill Buchanan OBE

Written by

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. EU Citizen. Auld Reekie native. Old World Breaker. New World Creator.

ASecuritySite: When Bob Met Alice

This publication brings together interesting articles related to cyber security.

Prof Bill Buchanan OBE

Written by

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. EU Citizen. Auld Reekie native. Old World Breaker. New World Creator.

ASecuritySite: When Bob Met Alice

This publication brings together interesting articles related to cyber security.

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store