While day-to-day IT work may lack the action and adrenaline of a major Hollywood production, that doesn’t mean an IT security career is a ho-hum profession. Even movies that are “based on a true story” are typically so exaggerated that they bear almost no resemblance to actual events.
It might be surprising then to learn that there are aspects of certain movies that manage to hit the nail on the head when it comes to working in security tech. Here are five aspects of IT security that bear a close resemblance to their portrayal in the movies.
You’ll likely have to deal with malicious people who have malicious intents
In the cyber world, it’s relatively easy to hide behind a veil of secrecy. Even when a hacker can technically be traced, law enforcement is often unwilling or unable due to the required expense and effort. Anonymity and lack of prosecution bring out the worst in some. Meanwhile, the good guys are faced with a continuous game of high-tech catch-up.
While criminal minds are hard-wired to get ahead by taking advantage of others, they are not your only concern. Citizens with good intentions can have such strong motives they feel the end justifies the means, even if laws are broken in the process.
The movie Sneakers exemplifies how far good intentions can go wrong. Whether you find yourself dealing with a college prank or an organized plot to take control of your systems, the results can be equally devastating. It turns out that the most powerful equalizer in the crime world is a keyboard and monitor. As a result, IT security teams have more potential enemies than they could have ever imagined.
You might accidentally expose something you weren’t intending on exposing
Consultants take note: All too often we find ourselves diving into the inner workings of another company’s systems, only to find more than we bargained for. This example hits close to home.
One of our writers was once tasked with designing a demonstration of a new web component for a state lottery system. In the process, he accidentally discovered that the state lottery website could be hacked by anyone using a certain code editor, no password required. Talk about an uncomfortable phone call.
The movie Wargames shows us how easy it can be to overlook simple details even in the most critical of systems. Or how easy it can be to stumble upon those weaknesses in the systems of others. The process of explaining the shortcomings of another’s system can be quite uncomfortable. No one wants to believe their hard work can be susceptible to simple vulnerabilities. Proceed tactfully.
You may have to break into your system in order to secure it
While most hackers will attempt to be discreet while in your systems, some will simply take control and lock everyone else out. Precious minutes tick by while they wreak havoc on your business, requiring InfoSec to run through their list of known possible exploits to get back in.
While it might over-dramatize the consequences a bit, the movie Firewall demonstrates how difficult it can be for an IT pro to regain access to a system that they’ve designed to be impenetrable. Or sometimes it isn’t difficult at all, which should raise its own set of concerns. That’s why some white hat hacking skills never hurt.
You have to beware of surveillance
Sometimes read-only access is all a hacker needs. Enemy of the State portrays Will Smith in a fight for his life as nearly everything around him becomes a tool to track his every move. Although 20 years old, this movie is prophetic in demonstrating how important it is to secure the Internet of Things. It also illustrates how easily devices can be manipulated to gain unauthorized access to corporate networks.
This can be especially true in Bring Your Own Device offices, where employees may unwittingly opt-in to data access for apps that are ultimately used to collect sensitive information.
You can tackle nation-state cyberwarfare
Sound too exciting to be true? Experienced cybersecurity pros may recall their efforts back in 2010 to purge Windows systems of a prominent worm and rootkit known as Stuxnet. Their systems were actually infected with a cyberwarfare exploit that spread beyond its intended target, dragging their office straight into the scenes of the movie Zero Days.
Cyberwarfare attacks are only expected to accelerate in coming years, as the ground rules between nation-state incursions have yet to be established. If you work in the transportation, telecom, financial, or utility industries, your organization is front and center for a “fire sale” that would make even the dramatized events of Live Free or Die Hard look like a practice run. The lesson here is to always be aware of your systems’ role in the grand scheme of things and plan accordingly.
While every day might not seem as action packed as a Hollywood production, few get to work in a field that captivates imagination in quite the way that IT security does. Whether you specialize in cybersecurity, infosec, or network security, those log files that we sift through tell a story of an ongoing battle against cybercrime. You’re working in a new era of warfare that as yet has few treaties in place to protect us.
The fulfillment that cybersecurity pros attain from their work goes beyond the financial stability and industry expertise that we gain. And as a side-effect, it can provide some interesting stories around the water cooler.