
What can cybersecurity learn from World Cup defense-offense trials, tactics & tribulations?

In the coming 2018 FIFA World Cup events, we’ll be seeing rival team drama at its best.
Despite the extraordinary preparations, the World Cup is renowned for its unpredictability. Strong teams can fall like flies, while unlikely newcomers can take the soccer world by storm. Sometimes it can boil down to the group stage, or the weather, and other times it can be sheer luck. But more than occasionally, methods and tactics play an instrumental role in exploiting vulnerabilities, shaping attack and defence, and changing football history.

In both the field & security environments, masterminding tactics is key

In cybersecurity exercises, where red teams and blue teams are pitted against each other, masterminding tactics is key. And just as strategy and offensive and defensive tactics play a crucial role in a player’s success, advanced red and blue team Tools, Tactics and Processes (TTPs) can improve an organization’s security posture.

Here are the top takeaways from football field defence and attack procedures that can be replicated in red team – blue team exercises.

Football Scenario Planning

Be prepared! Scenario planning for field attacks

Club management teams worth their salt will play out defence, offense or a combination. They will create positional scenarios and strategies to achieve the tactical template for winning the game. Often, scenarios for how to score goals and how to stop them are formed after observing and learning the rival team’s tactics and habits.


Football & security simulation teams research multiple scenarios before attacks

The Spanish teams are renowned for their expertise in rival analysis. Real Madrid's seasoned assistant coach David Bettoni is such a tactician. He and his team even employ data scientists to analyse their rivals’ games and develop threat intelligence.

In the cybersecurity field, red team – blue team simulation exercises operationalize threat intelligence by simulating real-life cyberattacks. Successful red team – blue team simulations will research and develop a hacker’s guide, or playbook, to dissect attackers' tradecraft, find out how attack vectors are formed and prevent similar attacks.


Strategies for controlling space & attack surfaces – more similar than you think

Football tactics are about visualizing and controlling space. Similarly, simulation exercises will visualize the attack surface and harness hacker tactics to understand, control and improve threat models.

In football, intelligence models are formed after analysing tracking data, in a bid to connect lines between the players and visualize possible passes. For example, the Delaunay triangulation geometric model highlights possible paths for passing the ball between players and keeping control over the space. It is not only their skill with the ball, but their geometrically accurate positioning that makes it possible to control the pass.

New automated tracking and measuring methods help elite team managers to hunt for new opportunities and exploit gaps left wide open by the opposition. Former Barcelona coach Pep Guardiola (now Manchester City manager) is a master at devising such space control strategies. Considered the most innovative coach in Europe, he worked tirelessly on tracking space gaps and offensive defence strategies to change the rhythm of the game.


Visualization exposes vulnerabilities within the field space and attack surface

In security, a red team simulation done well will leverage reconnaissance techniques and build an accurate picture of the attack surface. Like a seasoned football team manager, red teamers will map out the threat environment and research the gaps in the attack paths, to prevent future attacks. Visualization of the attack surface will provide the insights needed to expose vulnerabilities and build effective campaigns against cyber threats. Once the gaps are visible, organizations can then progress to actionable insights and prioritized remediation.

Weak defense is costly on field and in an organization’s network

On the field, just as within the security realm, defensive strategies and tactics are paramount. Having a strong defensive line-up is essential for successful offense, if we follow Pep’s philosophy.

In soccer, defense simulations can help determine where to position players and when to mark. By learning the opposition’s movements and attack methods, teams can form proactive defence strategies. These plans can help to destabilize opponents and suffocate opposition attacks. They can even prevent counter attacks, giving the winning team the edge.

Teams with expert defence strategies can offer space superiority

Atletico Madrid is renowned for its proactive defence set in the famous 4-4-2 and 4-3-3 player positioning shapes. In games against high-profile teams such as Barcelona, they’re able to quickly ambush the opposing players and cause them to restart another strategy. They often compress space and win the ball by misleading the opposition. Italian team Juventus is also famous for its resolute defence methods. The team continually develops responsive defence models, manifested in their 4-3-2-1 and 4-4-2 line-ups.

In cybersecurity simulations, blue teams are tasked with defending against attackers while continually improving an organization’s security posture. Similar to professional soccer teams, blue teams need to mitigate any weakness in their line of defence, and act on threat findings.

The overall winner is the organization

Nonetheless, the comparison between the two stops here: unlike football games, where there is a clear winner or loser, in red team – blue team exercises the overall winner is the organization.

When advancing to an automated platform, simulation exercises can work continuously in a 24/7 loop to expose attack vectors and prioritize actionable remediation. A continuous and fluid loop is key to preventing new security cracks in between exercises. Still, the concept of constant cybersecurity protection can only be played out in the network.

In the end, nothing beats the thrill of non-stop champion FIFA football played out in the World Cup. In the next few days, millions of us will be glued to the small-screen drama broadcast from Russia, while we leave the security teams to silently stop the next hacker.
