Probably everyone in the audience is familiar with the tale, but I’ll lay out the basics just so that we’re all on the same page.
Our story starts with three little pigs—small, plump, delicious, and utterly opposed to being eaten. The three little pigs each build a house—the first pig out of straw, the second out of sticks, and the third out of bricks.
Then the wolf shows up. It asks the first pig for permission to enter; the first pig (sensibly) refuses, and so the wolf huffs and puffs and blows the house down. Pig numero uno flees, curly tail between its legs, to the house of the second pig—only for the wolf to follow it there.
The stick house is no more huff-and-puff-proof than the straw house, and so soon enough pigs one and two are running for their lives again. They hole up with pig three, the one with the brick house. The wolf comes knocking, and after the pigs refuse him entry, he huffs and puffs once more—but the house of bricks holds firm!
The wolf then gets it into his head to come in through the chimney. But the pigs hear him coming, boil a big pot of water in the fireplace, and when the wolf comes in, they catch him in the pot and cook and eat him. (It’s a pig-eat-wolf world out there.)
Now, what does any of this have to do with the state of cybersecurity?
The straw house represents an unsecured network and its systems.
The house of sticks represents a network environment that’s using point security solutions.
The real strength in a brick house is in the design: an interlocking set of components that leave no gaps for an attacker. In the cybersecurity world, that would be a comprehensive security strategy.
Well, the way I see it, the house of straw represents an unsecured network and its systems. This is the old way of doing things, the early intranets. There was no need to protect anything, before cybercrime was a meaningful threat! Even nowadays you can find a handful of organizations that haven’t put any thought into securing their networks—but usually a big bad wolf comes along pretty quickly and shows them the error of their ways.
The next house, the house of sticks, represents a network environment that’s using point security solutions. An individual stick is much stronger than an individual piece of straw. In the cybersecurity world that might mean the use of endpoint security, best practices for controlling traffic to and from specific servers, limited port access, and so on.
The problem for our pigs is that the individual sticks don’t provide any real security. Real security comes from the house—from the integrated environment formed by your network, servers, and systems. No single security tool can protect you, unless it’s part of a seamless, comprehensive security solution.
That brings us to the house of bricks. Now, bricks are stronger than sticks or straw. But the real strength in a brick house is in the design: an interlocking set of components that leave no gaps for an attacker. In the cybersecurity world, that would be a comprehensive security strategy, including a solution that monitors all relevant tools and correlates their data.
But even the brick house wasn’t enough to stop the big bad wolf. In the face of robust security, the big bad wolf changed tactics: it targeted the vulnerable opening of the chimney.
The cybersecurity parallels are impossible to ignore.
If you want to protect your computer from hackers, there’s one foolproof way to do it. Take out the wifi card and the Bluetooth antenna; get into the USB ports with a plier and really mess them up. Stick a carrot in the Ethernet port. I guarantee you you’ll never catch another virus from your email again.**
Of course, you’ll never read another email again, either. At the end of the day, we need to keep our computers attached to our local and global networks—the value of network operations exceeds the risks. But when we’re networked, a smart attacker—like a big bad wolf—will be able to identify our vulnerabilities and go after them.
That brings us to the final piece of the cybersecurity fable: active monitoring. When the big bad wolf couldn’t huff and puff his way into the house of pigs, he didn’t give up. But the pigs didn’t let themselves become complacent either. They watched and they listened. When they heard his feet coming up the roof—when they detected early indications of compromise—they prepared an active response, isolating and defending the threat vector.
No matter how carefully you build your house, attackers are still prowling around outside. Sooner or later, one of them will recognize a vulnerability, and move to exploit it. You need to be prepared for that day, ready to identify early signs and act swiftly to deny access to your systems and data.