Lessons We Can Take From the Battlefield to Bolster Cybersecurity What makes sense for defense in the real world is just as good an idea in the virtual world.

By David Canellos

Opinions expressed by Entrepreneur contributors are their own.

In what seems to have become an almost daily ritual, millions of Americans regularly find themselves waking up to yet another large-scale cyber-attack against a high-value target, most famously right now the attack on Sony by, allegedly, the North Korean government.

As the world becomes increasingly connected and digitized, one revelation has become abundantly clear: traditional defensive mechanisms for protecting financial and personal information are not enough, and alone can no longer represent the best means for defending our critical data. Given the new reality of the situation it's time we begin to look at traditional battlefield techniques for lessons in our ongoing cyber battle.

Related: FBI: North Korean Government Was Indeed Responsible for Sony Hack

A time honored defensive battle strategy is reducing the footprint of what needs to be defended, and then concentrating one's defensive forces around guarding that perimeter. A comparable cyber equivalent to this strategy includes deploying modern day IT "weapons": encryption and tokenization technologies. These technologies camouflage parts of sensitive data, such as payment card data and banking account details, essentially forcing would-be hackers to try to hit targets that are constantly moving and nearly invisible. Through the implementation of these defensive strategies, companies are able to better guard their perimeters by dramatically shrinking the number of systems where valuable data flows in the clear.

Removing targeted data from external systems, such as cloud-based software, creates an increasingly difficult task for our cyber-criminal enemies. While the natural inclination to address the issue of data traveling to cloud applications may be to block them entirely, the fact is, that does not represent a practical battle tactic. With the wide-spread adoption of the public cloud by enterprises, IT and security managers now have broader and growing "IT perimeters" where sensitive data (payment card data, healthcare data, banking data, etc.) can flow and that represent the new reality in which we live.

In order to achieve business objectives and ensure productivity, many cloud technologies, such as cloud-based customer support systems, need to have access to select aspects of "sensitive" data in order for users of these systems to do their jobs.

Related: CEOs Can No Longer Sit Idly By on Cybersecurity

For this reason encryption and tokenization solutions for the cloud must to be smart enough to not interfere with the operation of the cloud systems, but still safeguard the information that needs to be accessible via these enterprise systems. Now combining tight security with access that does not impede production can be a delicate balance, therefore we recommend adherence to these three critical considerations when making decisions:

  • Only strong, well vetted encryption and/or tokenization solutions should be used. Always look for solutions that have been audited by accredited third parties.
  • Enterprises need to maintain control of any and all encryption keys and/or the token vault, if tokenization is used.

  • Encryption/tokenization solutions must not interfere with the important aspects of the cloud systems that enterprise end users depend on, such as being able to search on names, account numbers, the last four digits of accounts, etc.

The cyber battlefield is evolving daily. New tactics and strategies are being deployed with regularity in what can only be described as a modern day arms race. In order to safeguard their critical assets, organizations need to take proactive steps to defend their digital footprint while ensuring seamless business continuity. By employing strategies learned from the conventional battlefield and coupling them with modern cyber defense technologies, enterprises can keep would-be enemies off balance and ensure productive operations.

Related: A Lack of Communication on Cyber Security Will Cost Your Business Big (Infographic)

David Canellos

President and CEO, Perspecsys

David is president and CEO of Perspecsys. Previously, David was SVP of Sales and Marketing at Irdeto Worldwide, a division of Naspers. Prior to that, David was the president and COO of Cloakware, which was acquired by Irdeto. Before joining Cloakware, David was the general manager and vice president of sales for Cramer Systems (now Amdocs), a UK-based company, where he was responsible for the company’s revenue and operations in the Americas. Prior to his work with Cramer, David held a variety of executive, sales management and business development positions with the Oracle Corporation, Versatility and SAIC.

Editor's Pick

Related Topics

Business Ideas

55 Small Business Ideas to Start in 2023

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2023.

Business Solutions

Add ChatGPT to Your WordPress for Just $40 This Black Friday

Easily integrate ChatGPT to the front, back, or both ends of your website.


Explore the Outdoors in Comfort with a $99 Discount on CARSULE

This is a Black Friday exclusive price, available for a limited time.

Growing a Business

If You Give People This 'Discovery' — They'll Buy From You Instead of Amazon

Creating a unique retail experience doesn't have to be a big flashy production. We're all just looking for a story that makes us feel good about ourselves.

Business Models

The Most Important Shift Hybrid Workforces Need to Thrive Is the One Most Are Ignoring

Successful hybrid work is not just about being in the office half the week.