It’s fall, and for most of us, that means one thing: football season! Most Americans love sitting in front of the TV on Sunday to watch their favorite team battle it out on the gridiron. The touchdowns, the field goals, the interceptions, the big hits. It’s very exciting. But this season, we’re asking that you take a second to think about how it compares to a strong cybersecurity strategy while you’re watching the game. Now we know what you’re thinking. How do you tie together football with cybersecurity? Well, it’s not as hard as you might think.
A wise speaker once said, “The best offense is a good defense.” As unlikely as it may seem, this adage applies to football and cybersecurity. You need a strong defense in football to keep the other team’s playmakers out of your endzone. Regarding cybersecurity, you need a solid defense to keep cyber criminals from getting their hands on your personally identifiable information (PII). You need the strongest defense possible to protect your data. Last season, the Buffalo Bills had the NFL’s best defense. So, it’s safe to say, you want your cybersecurity to be like the Buffalo Bills.
If you think of the ball as malware and the offensive players as cyber criminals, even more connections appear between football and cybersecurity. For example, many teams use a “play action” strategy where the quarterback pretends to hand off the ball to a running back only to pull the ball away at the last second and throw it. This is similar to the cybercriminal strategy of phishing, where a criminal uses a fake but authentic-looking email to trick their victim into opening up an attachment or clicking a link that leads them to malware. Both strategies use deception to trick their victims into thinking one thing is happening (a run play or a normal email), only for a different and detrimental action to occur instead (a pass play or a malware infection).
So, can NFL defenses work against these plays to help us understand how to not fall for a phishing attempt? They sure can! Defenses will watch the offensive linemen to determine whether a play is a run or a pass in disguise. If the linemen move forward to open a hole for the running back, then it’s a run. If they stand straight up and pass block, then it’s a pass. In the same way, there are things you can look for in a suspicious email to figure out whether it’s real or not. We even have a fun name for it, it’s called the SLAM Method.
SLAM stands for Sender, Links, Attachments, and Message. When you come across a suspicious email, you should first check the sender. Make sure the address the email is coming from is correct and doesn’t have any spelling errors. If it’s in any way wrong, you are likely being phished. Then hover over any links in the email to see where they are taking you. If what shows up doesn’t match the name in the link or if it looks at all suspicious, do not click on it. Never open attachments from unknown emails; they could contain dangerous malware that can infect your device. Even if it comes from someone you know, if anything looks off (or phishy), double-check with the sender through another form of communication. Lastly, check the email’s message for any spelling/grammar errors or an uncommon sense of urgency.
We’re not going to sit here and expect you to go over your training during the big game, but if you can find a way to connect what you love to what will protect your data, that could be what saves you from a breach. Contact us today to learn about the resources we can provide for your success and safety!
Reynolds + Rowella is a regional accounting and consulting firm known for a team approach to financial problem solving. As Certified Public Accountants, our partners foster a personal touch with our clients. As members of DFK International/USA, an association of accountants and advisors, our professional network is international, yet many of our clients have known us for years through the local communities we serve. Our mission is to operate as a financial services firm of outstanding quality. Our efforts are directed at serving our clients in the most efficient and responsive manner possible, delivering services that exceed the expectations of those we serve. The firm has offices at 90 Grove St., Ridgefield, Conn., and 51 Locust Ave., New Canaan, Conn. For more information, please contact Elizabeth Bresnan at 203.438.0161 or email.