4 minute read
MORE “MUUMIMAMMA”, PLEASE
Text: Professor Buck Rogers MSc - Has had a long career in cyber, covering military, government and private business. A confirmed Moomin fan with a tattoo to prove it, and a lover of all things Finnish with another tattoo to prove it.
Advertisement
So, before I get accused of cultural misappropriation, I need to be honest, I am not Finnish, however, as a Brit I am a Finophile. My love for Finland started over 18 years ago on a visit to Oulu university, which is also where I attended my first mid-summers party, and later that year a post sauna roll in the snow, after all being cold is only a state of mind (Sisu). I would consider Northern Finland (Utsjoki) my spiritual home, and I have travelled to Lapland more than once (and not just to see Father Christmas). However, and more importantly for this article, I have been to the home of all that’s good in the world Muumimaailma - Naantali ! So when I had the chance to write an article for this magazine, from a country I love there clearly could only be one subject, Moomins and cybersecurity (I was surprised it had not been done before)!
Moomin Valley like the cyber world contains lots of different characters, an understanding of, and using of Moomin characters to articulate threats and opportunities can enhance the user awareness experience, make Cyber/Info security more approachable and relevant, after all, no one wants to be the Groke!
To quote Moomin Papa in Moomin Papa at sea
So let’s get started -
MOOMINTROLL (MUUMIPEIKKO)
The good - An agreeable user, keen to learn, see’s the world of technology as exciting, something to be used and investigated. Feels safe behind the endpoint controls, loves keeping in touch with family and friends by social media. Confident that there is nothing the CISO can’t sort out. Will always do the right thing.
The bad - Prone to phishing attacks especially if its an appeal for help. Total faith in security and believes they will catch any bad stuff, could lead to clicking without thinking. Shares too much on social media with friends and family, a potential social engineering target.
Solution - A good induction process, keep education and training updated and relevant to him/her. Monitor the effectiveness of the training, whilst developing a proactive cyber reporting structure. Do not stigmatising mistakes, but investigate concerns, (backed up by a well-understood discipline process) - Make sure the Moomintroll user knows he is the first line of defence!
SNIFF (NIPSU)
The good - Timid so won’t do anything risky with his technology, cares for the equipment issued to him, happy for others to tell him what to do. Not malicious or mean-spirited.
The bad - Greedy, immature, no responsibility, cowardly. Unlikely to own up to making mistakes/ report (clicking a link, giving away a password). Would risk corporate information for gain. Easily bored so unlikely to read or make and effort to understand corporate security policies.
Solution - A good data loss prevention program with employee monitoring. Principle-based cybersecurity policy, regular training and testing based on real-world events.
LITTLE MY (PIKKU MYY)
The good - Honest, action-focused, brave and fearless, will defend the organisation and is not easily fooled, observant so will notice even small changes in software or functions. Very reliable, at home in most environments, will adapt quickly to using new technology - prepared for anything.
The bad - Likes to find out other’s secrets (but never shares them), small things annoy her, action-focused (does stuff immediately), very aggressive, brash and abrasive personality. Messy and untidy, can hide well!
Solution - All the skills needed for a red team member, train and develop them for your own internal testing team - a perfect pen-tester.
THE GROKE (MÖRKÖ)
The good - None, Groke types turn up uninvited, spread their cold fear and gain wealth/information from others. Acts like a hostile nation-state.
The bad - Where they turn up destruction follows. Silent until you notice the temperature change. Unlikable and threatening until they get what they want, will then silently disappear.
Solution - Nation-state threats and APT’s are always the hardest to defend against, having a detection and response capability, which is tested, backed up with a good cyber intelligence capability on emerging threats will help - target 1-10-60, 1 minute to detect, 10 to identify and 60 to remove.
THE HATTIFATTENERS (HATTIVATTI)
The good - None, act in groups, lack free thought, follow direction unquestioningly. Similar to intellectual property theft APT.
The bad - Silent and covert, never stops moving, only interested in the next target, once reached they move to next. Faceless, they can sense even the smallest vulnerability - very serious and zealous.
Solution - As for the Groke, however, good cyber hygiene will make it difficult for them, easier to move on than the Groke if you are a hardened target.
And finally the CISO,
every organisation needs a good CISO or “Muumimamma”, calm and collected, never let things get on their nerves - provides a safe work environment (so people can be at their best). Keeps secrets, will intervene if someone is wronged and happy to learn from mistakes. Thanks to Muumimamma everything runs smoothly, a constant and calming presence, respected by peers and seniors alike - will always share learnings and knowledge. The best countermeasure from the Groke and Hattifatteners.
Moominpappa, from the book Moominpappa at Sea.
