What Cybersecurity Leaders Can Learn From the Game of Golf
As in golf, security requires collaboration across the entire organization, from individual contributors in each department to the executive level and the board.
COMMENTARY
I was talking with some friends about the recent 2024 Presidents Cup matchups, and how Mackenzie Hughes — a fellow Canadian — was going to play a pivotal role on the International Team. As we dug into game strategy, I had one of those lightbulb moments: There is a lot in common between golf and cybersecurity.
Now, comparing a quiet game on a manicured golf course with a high-intensity, never-ending battle to secure critical data and digital assets might seem like a stretch. But stay with me — there is a real overlap between the challenges security leaders face and the sport that's been surging in popularity.
Here are five takeaways that stand out to me.
Teamwork Is Critical
Golf is often seen as an individual sport, but tournaments like the Presidents Cup remind us of the importance of teamwork. For those unfamiliar: At the Presidents Cup, 12 US golfers compete against a team of golfers from the rest of the world. Even as traditionally played, golf requires close collaboration. Golf Digest magazine recently declared that "professional golf is no longer an individual sport," as players now rely not only on their trusted caddies but also on statisticians, short game coaches, trainers, sports psychologists — you name it.
It's the same with cybersecurity. There's a common misperception that it's IT's problem, but it's everyone's job to protect the company. In fact, recent research shows that nearly one in three employees think security isn't their problem — which likely explains why 54% of employees admit they don't always follow their company's security policies.
Just like golf, security requires collaboration across the entire organization, from individual contributors in each department to the executive level and the board. Without a team effort, you're not going to get far.
Fundamentals Matter
In golf, it's tempting to think the latest gear will magically fix your game, but even with the most advanced clubs, you won't perform well if your grip, swing, and stance are off. In cybersecurity, it's the same. It's easy to get caught up in the buzz around new AI tools or fancy software, but if your fundamentals are weak, no shiny new tech is going to save you.
At its core, security is about getting the basics right: things like multifactor authentication (MFA), keeping software updated, and maintaining strong password practices. Once those fundamentals are locked in, you can build from there. But skipping them? That's like trying to tee off without knowing how to hold the club properly.
You Need a Full Bag of Clubs
Every golfer knows that one club won't get you through a full round. You need a driver, irons, wedges, and a putter to handle different situations. The same goes for cybersecurity. There is no "silver bullet" solution that can handle all your security needs.
A hybrid workforce, with employees using their personal devices across different locations, adds layers of complexity. You need a suite of tools that complement each other, working in harmony with human behavior. The best security tools don't focus only on protection — they also prioritize ease of use and help employees be productive while staying safe.
Shooting Par Is Hard
To a non-golfer, shooting par might sound like an average accomplishment. But anyone who's tried it knows it's really hard, and keeping your organization safe is no different. Achieving a solid baseline of security is tough, especially when cybercriminals are constantly upping their game.
More than one in three businesses (36%) have suffered cyberattacks costing more than $1 million in the past year, up from 27% the previous yearup from 27% the previous year. With generative AI (GenAI), attackers are creating more sophisticated, hard-to-detect threats, with deepfakes alone projected to cost $40 billion in 2027.
As long as there's money to be made, criminals will continue to innovate fast. Staying the course and ahead of the competition will require security professionals and golfers alike to seize every edge, from technology to training.
The Best Make It Look Easy
Watching a pro golfer hit a perfect shot can make the game look simple, but anyone who's tried knows better. In cybersecurity, the best solutions are often the easiest, most seamless, and least disruptive for employees to use. The easier it is for employees to follow security protocols without interrupting their flow, the more secure your organization will be.
About the Author
You May Also Like
The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024