Saturday, August 6, 2022

4 Golden Ways How Chess Can Ante Up Your Cyber Mindset

 


This may sound like an odd question to many of you out there, but with most of us WFH, have you been finding that you are playing more board games with your kids in an effort to spend more time with them?  If so, you are not alone.  There are a number of families with whom I have had conversations over the last week or so, and it seems like that board games are the norm after dinner.

Whether its playing Twister, Trivial Pursuit, etc.  at least you are engaging your mind with others which helps stimulate the brain and the thought process far more that just sitting in front of your computer or watching TV. 

But there ,is one game out there, that could do more than just that.  It is called Chess.  This is probably one of the most “thinking” games that are involved, as it requires, skill, strategy, and even knowledge about your opponent.

But being good at it does not happen overnight, rather it takes time, and perhaps even a lifetime.  In fact, they are some people who are so good at it that they can even make it a career.  Personally, I have played Chess the most back in high school, when I was on the team, and on and off throughout college.  Heck, I even played it online a few times with friends as well.

So, you may be asking at this point where am I going with this?  Well, Chess can also be a great way to build up your mindset to hone in your Cyber skills.  Yes, everybody wants to have their skills sharpened, but simply getting certs after certs or doing online training is not going to cut it in the end.  As Cyber professionals, we all need to find ways to increase our thinking power, so here are some ways in which playing Chess can actually do that:

1)     You can understand your opponent’s doubts:

In the world of Pen Testing the goal of the Red Team is to get into the minds of a Cyberattacker, and literally break down within the legal bounds of your contract.  The same can said of Chess.  You are trying to get inside the mind of your opponent to see where their weaknesses may lie at.  But the best thing about this particular situation is that you are sitting directly in front of him or her.  So, this gives you an opportunity to study their gestures and reactions.  Remember, human beings react differently to certain things in the physical sense, so this is the perfect opportunity to study those moves.  And no, it does not AI or ML to do this.  Remember, as I have pointed out before, humans are also creatures of habits.  It is quite likely that the same bodily gesture will be used to reflect the same manners of weaknesses.

2)     The creation of a plan:

In everything that I write as it relates to security breaches, I always harp upon the need to have an Incident Response/Disaster Recovery/Business Continuity Plans in place.  These are the documents that will guide you when you are hit.  The same of true is of chess.  You need to have some sort of plan in place before you embark on your next game.  It doesn’t have to be on paper, but you need to have some sort of strategy mapped out as to how you want to defeat in your opponent.  Of course, unless this is a good friend of yours, you will not know who your opponent is, therefore you need to be on your toes to keep changing your strategy as your game evolves.  This is the very same true of Cybersecurity.  Simply knowing what the threat signatures have been in the past are not enough to predict future strategies.  Of course, you have AI and ML to help you to do this, but in the end, you have to make your own calls. For example, you need to have a game plan in mind every day as to how you plan to identify future threats and combat them.  Of course, they probably will not evolve the way as you have planned out, but that is the beauty here:  Learning to be adaptable and make changes to your game plan, as you have to do in Chess.

3)     Time management:

In the world of Cyber, there is no such thing as time. We have to act quickly in order to keep the Cyberattacker at bay.  But of course, reality dictates the opposite, as it takes IT Security teams at least 6 months to detect an attack in progress, and the Cyberattacker of today is staying in for longer periods of time in order to fully understand your environment.  But once the moment happens, you have to be ready to strike back in a minute’s notice.  This is where the value of time management comes into play.  But unfortunately, the IT Security teams of today are so overburdened that time management is not even heard of.  For them, just trying to keep their heads above for a single day without going insane is a herculean task.  But playing a game of Chess (and often) and making use of a time clock will help to a great degree sharpen your time management skills.  For instance, you are given a X amount of time in order to make a move, and this could be the one that dictates whether you win or lose the game.  The same can be said of trying to capture the Cyberattacker or fighting off a threat.

4)     An Introduction to Automation:

As mentioned earlier in this blog, humans are creatures of habit.  We simply don’t want to change unless we have to, even of it makes our lives easier.  The same could also be said of automation.  This is where the role of AI and ML come into Cyber, especially when it comes to doing repetitive tasks and filtering out for false positives.  But in the world of Chess, you do not have to all the time have a human opponent – you can also have an automated one. This was made famous after Chess Master Garry Kasparov lost to a computer automation tool developed by IBM called “Deep Blue”.  This all happened back in 1997, so who knows how much the technology has evolved since then?  More information about this historic Chess match can be seen at the link below:

https://www.history.com/this-day-in-history/deep-blue-defeats-garry-kasparov-in-chess-match

My Thoughts On This:

So, here are some ways in playing a game of Chess parallels the world of Cybersecurity, and how it can sharpen your IT Security Teams reasoning and thought processes.  Of course, it would be great to sit in front of a Cyberattacker to learn their tactics and strategies, but of course this will never happen until the turn to the good side.

As an IT Security manager, you need to challenge your staff in different ways.  Perhaps consider having a Chess camp once a quarter where they do nothing but play games against each other or a computer.  True, it may sound kind of boring, but have it some place where relaxation is the key, such as a hotel.  And of course, add some extra incentive as playing a game of Chess may not excite all of your employees:  A gift card for each attendee, and a grand prize for the ultimate winner.

No comments:

Post a Comment

How To Improve Your Code Signing Process: 6 Golden Tips

  With the advent of AI, one of the biggest issues that face all businesses and individuals alike is making sure that whatever receive is ac...