Cyber Security Institute

Tuesday, July 11, 2006

What CIOs can learn from Mediaeval Castles

If we compare the evolution of Infosecurity with history, how far have we come? The authors believe that we’re somewhere shortly after the Norman Conquest: in other words, mediaeval. However, that’s not a criticism: in fact, in the 13th century, they had a pretty strong grasp of security issues. Go to any Heritage castle that dates from these times and you’ll see what they mean. Take Harlech Castle in North Wales, for example. Harlech formed part of the Iron Ring of castles built by King Edward I in order to quell Welsh resistance and prevent future insurrection. Its design and location are testament to the advanced security architecture of the time and their success in securing key assets and keeping intruders at bay.

Design Blueprints

Back in the days of the crusade and the knight errant, the security of the castle was put above all else in the design phase. A secure design was paramount, and a key part of the business of survival. Whilst security remained uppermost in the mind of the castle architect, convenience and usability did also factor in the design process.

Secure outer “areas” provided a forum for trade and agriculture to be developed and helped the castle community to develop and prosper, in much the same way that controlled third party access, virtual private networks and secure remote access help to increase overall efficiency and productivity for businesses today. Castles were constructed to anticipate the likeliest path of attack and to force attackers into positions of weakness. They were designed so that attacks would be as difficult as possible, forcing enemies to charge uphill, expose their own weaknesses to attack and leave themselves unguarded.

Harlech’s unsurpassed natural setting, with the mighty protection of the sea, the mountains, steep impenetrable cliff faces and the natural strength of the rock, certainly played a major role in helping King Edward build a castle to meet the defensive requirements of the age.

Applications are built as rapidly as possible and put onto the network landscape; often no consideration is given to their security, as it is assumed that they will be secured with the overall perimeter fencing. An integrated, multi-layered approach is necessary to guard against today’s sophisticated IT security threats and protect business critical systems across an organisation.

Protecting The Crown Jewels

Harlech castle’s architectural design and impressive security defences played an equally important role as its natural defences in protecting the inhabitants and their assets from hostile attack.

The moat and drawbridge formed the first line of defence, and for those who penetrated these initial lines, there lay the outer wall and an impressive twin-towered gatehouse with three portcullises (more on this later). Here, key locations were protected by high inner walls, round towers and battlements, designed to offer the utmost protection and security to the King and valuable assets.

We must look at Infosecurity issues in much the same way, ensuring that business critical systems remain secure and protected against attack. 

Encouraging Trade and Commerce

Maximum security is all well and good, but the castle architect also had to design a fortress which would control access to third parties such as merchants and tradespeople whose presence would benefit the castle community and help it to prosper. In today’s increasingly mobile and flexible workplace, it is important that security architecture be developed with improved openness and accessibility to network applications and services for maximum productivity, while also maintaining the security of core business systems.

Posted on 07/11