Why don't fires grow out of control and burn down entire cities anymore?

The question has an answer, and it provides a helpful metaphor to explain core cybersecurity concepts to executives and decision-makers who might not otherwise grasp the technological complexities, said John Elliott, head of information security at the Principality Building Society.

Speaking at the RSA Conference, Elliott said that modern firefighting strategy takes a holistic view of the kill chain, creating the ability contain a fire rather than having it blaze from one building to the next — much as effective cybersecurity contains a threat.

Elliott said the inspiration for the metaphor was a conversation with a manager who was complaining about the never-ending requests from the information security team to buy new technology that was seemingly unnecessary. When Elliott asked him why the building has fire extinguishers when there hadn't been a fire in years, the manager got it.

In 1666, the city of London was only about a square mile in area. A fire started in a bakery in the pre-dawn hours, and burned down most of the city. Houses made of wood and straw burned quickly, and the narrow streets and closely packed houses enabled rapid spread.

Two hundred years later, much of Chicago burned down, despite having more stone buildings and a greater area. In that case, high winds, blew burning materials into flammable areas.

Today though, fire control begins with prevention; when prevention fails, detection systems alert responders to the fire so that response and recovery can happen fast.

"By using fire and people's common knowledge of how fire works and spreads, it works really well as a metaphor," he said.

See all of our RSA 2016 coverage here.

Share:
In Other News
Load More