Offense versus Defense

Earlier today two of my colleagues were engaged in a skirmish in the long-running battle of defense versus offense. In the end, they both agreed that defense is important to winning a championship. Indeed, most people accept as a truism that “defense wins championships.” Just bringing up the topic causes pundits of all stripes to regularly roll out stats and charts proving the primacy of defense.

Yet it’s offense that gets most of the press. As legendary Alabama football Coach Bear Bryant said, “Offense sells tickets, but defense wins championships.” For those who doubt the popularity of offense, ask yourself who is more well-known: Jerry Rice, Emmitt Smith, and LaDainian Tomlinson? Or Paul Krause, Emlen Tunnell and Rod Woodson? Obviously Rice, Smith, and Tomlinson. They just happen to be the all-time touchdown leaders in NFL history. Krause, Tunnell and Woodson are the top three interception leaders.

Further evidence of the popularity and renown of offense can be seen on any sports channel where offensive highlights far outnumber defensive ones. (Although it is a source of guilty pleasure, for me and many others, to enjoy a great hit in football or hockey — probably a vestigial remnant of our animalistic nature.)  

I agree that offense puts butts in the seats, but no team consistently wins without a solid defense.* This is true in sports and especially so for business in the IT era. Daily we hear of security breaches happening to major businesses like Target and Yahoo!, as well as smaller entities like Los Angeles Valley College which just paid $28,000 to a ransomware hacking.

Security breaches are more than a nuisance, they are expensive and can damage a company’s reputation and market value beyond repair. A recent example is when Yahoo! announced last year that  a nearly two-year old data breach that had affected 500 million user accounts. This occurred while Yahoo! was — whoopsie! — in the middle of attempting to sell itself to Verizon. Things got even worse for the yet-to-be-consummated deal when Yahoo! later disclosed a separate, earlier breach in which 1 billion accounts were compromised.

The cost of data breaches is also increasing. According to IBM’s 11^th Annual Cost of Data Breach Study, the average cost of a company data breach grew from $3.8 million to $4 million in 2016. In addition to cost, the global study puts the “likelihood of a material data breach involving 10,000 lost or stolen records in the next 24 months at 26 percent” for any company.

The truth is that a security breach can happen to any organization. So what can you do to protect yourself and your company data? Take a security course and certification! With cybercrime costs projected to reach $2 trillion by 2019, the demand for trained IT pros has never been greater. 

“The best defense is a good offense,” is an adage applicable to many fields. While it would be nice to always be on offense conducting your business in a profitable manner, sometimes it is your IT defenses that will save the day. Regardless of the IT path you choose, it’s always good to have some security training.

2017 is a great time to begin beefing up your IT security arsenal. Remember, it’s not a question of “if” your organization will be attacked, but “when.”

About the Author — Calvin Harper is an associate editor for GoCertify and a veteran of the publishing industry. Calvin is a championship-level blogger and journalist, but only plays defense when he's past deadline.