What IT security can learn from the Titanic disaster: some questions to ponder on

After attending the OWASP EU summit in Belfast, I visited the Titanic exhibition. More than 1500 people died during this tragic sinking and the exhibition told a fascinating narrative on the event. Whilst walking around the exhibition centre several thoughts occurred to me about how the IT security industry can learn from this disaster.

Strategy

The management team of the White Star Line were hopeful that the ship’s maiden voyage from Southampton to New York could be completed in record-breaking time. Such a feat would garner positive publicity for the company, boost their egos and enhance their legacies. With some of the management team on-board such as John Jacob Astor and Bruce Ismay, there was pressure on the Captain to reach New York in the fastest time possible and he possibly compromised his usual high safety standards.

How many C-level executives, IT managers, CIOs or CISOs have compromised the formulation or implementation of IT security policy so their organisation could reach sales targets or achieve goals within certain budgets? How many times has this ended in disaster?

Structural Factors

The rivets used to fasten the hull plates of the ship together contained high levels of oxygen and sulphur. In the icy waters of the North Atlantic, this made them very brittle. Some metallurgists have speculated that if higher-grade rivets had been used, the tear to the starboard side of the hull might not have been as extensive.

The Titanic had 16 watertight compartments separated by bulkheads. However, once above the waterline, water could easily flow from one compartment into the next. These bulkheads should have been built higher (like they were in Titanic’s sister ships – bulkhead design version 2.0…). This might have averted the sinking or at least slowed the rate of the ship’s descent into the icy Atlantic.

Secure hardware, software and a secured network are the “rivets” of a secured IT infrastructure. The lessons here are many. Software should be designed with least access privilege. When you compartmentalise your network using firewalls, VMs and VPNs, you reduce its exposure to unauthorised users and applications. You also limit the lateral movement of malware across your network. The use of physical countermeasures such as restricted areas also helps mitigate risk.

Operational Factors

In the ship’s telegraph room priority was given to the personal messages of passengers. Most of these (one could argue frivolous) messages were from rich passengers sending messages to friends and family just to say they were on the Titanic – rather like that friend on Facebook telling everyone they’re in Hawaii. At several stages during that fateful night, the radio room was receiving so many personal messages it was akin to a Denial of Service attack. Telegraph traffic should have been prioritised for navigational communication and warnings.

Likewise, IT network traffic needs to be prioritised. There will always be critical business traffic and traffic which is less important.

Organisational Culture

The Titanic was, at the time of her launch, the largest passenger ship afloat. Her owners, the White Star Line, dubbed her “unsinkable”, a term which the contemporary media also frequently picked up on. Unfortunately, having this moniker and being the biggest ship afloat bred a certain arrogance in some of her crew. For example, on the night of the sinking, the ice warning transmitted by the nearby SS Californian was met with the curt reply of “shut up, shut up” by the Titanic’s radio operators.

How many white-hat hackers have contacted large organisations to helpfully inform them about bugs in their infrastructure or products only to be met with a similar response or even no response at all? Moreover, how many IT teams in large organisations, out of a dangerous sense of infallibility, fail to co-operate properly with their peers in countering the cyber security threat?

Compliance

While the ship had only 20 lifeboats rather than the 48 required to save all passengers and crew, it was still fully compliant with British Board of Trade regulations. Just like with IT security, meeting compliance guidelines does not equal good security. Many organisations have strictly adhered to compliance guidelines such as PCI or HIPAA but have still experienced data breaches.

Disaster Recovery Planning

Many of the lifeboats left the ship with only half their maximum capacity. There appeared to have been no checklists or procedural controls preventing the launch of half-full lifeboats. Whilst it was still only a new ship, proper lifeboat drills should have prevented this from happening.

Not only did the Titanic not have sufficient lifeboats on-board, unbelievably for a ship of her size, she only had one pair of binoculars on board for the lookout crew. Unfortunately, these were stored in a locker and the key was held by a crew member who was removed from the ship at the last minute. For such a vital piece of equipment there should have been a backup pair of binoculars on board.

How often does your organisation perform disaster recovery drills? It is often the “peopleware” methodology that makes or breaks a successful disaster recovery plan. What redundancy does your organisation have for IT security equipment?

Human Factor

Possibly one of the biggest failures that night was human. It was the assumption of Captain Edward J. Smith that, even after receiving repeated warnings, it was safe to travel through an ice field at the relatively fast speed of 22.5 knots (for a 52,000 ton ship at least). To come across an iceberg of this size could certainly be described as a “black swan” event as it was outside the realm of regular expectations, but with reduced speed this tragic accident could have been avoided.

What assumptions has your organisation made about IT security threats? Are they based on past threats? Or are they based on a “that could never happen to us” mindset? What assumptions do members of your organisation from board level to individual users hold with regard to IT risk?

Just like an IT security breach, the roots of the Titanic disaster cannot be whittled down to just one factor. Instead, just like many disasters, they involve a multitude of organisational factors ranging from culture, strategy, IT structure, compliance, operational, disaster planning to human factors.