Yes... you read that correct. Allow me to explain...

If you're a fan of the movies (which I certainly am!), then you'll recognise some of these key scenes, but allow me to change the perspective for you because the galaxy (far, far away) has some lessons for us all!

If the Empire had encrypted the plans for the Death Star, Prince Leia would never have been able to plug them into R2D2 for him to take to Tatooine!

The lesson: If you have something important (like plans for your latest invention!) you should probably store it securely on an encrypted drive!

R2D2 gains access to EVERYTHING
The little droid saves the day (for the Rebels) on multiple occasions by plugging into systems on multiple ships, and taking full access.

The lesson: If you have 'admin' rights to a system, you can do anything. You need to setup a user account on your laptop that doesn't have privileged access to everything. It's easy to do and can prevent someone taking over your systems, once they're plugged in!

The Empires Poor Risk Assessment
It wasn't until the Empire was under attack that they discovered a 'small vulnerability' (the exhaust port), that allowed the Rebels to blow up the Death Star.

The lesson: Conduct periodic risk assessments on your most important systems so that you spot any vulnerabilities BEFORE things go bad! If needed, gain expert advice to give you a full understanding of where an attack might come from.

Order 66 - Malware from the Sith
In "Revenge of the Sith" the Stormtroopers were happily working with the Jedi... until the Sith Lord triggered 'Order 66'.  This hidden trigger within the code of the Stormtroopers turned the tide, as they went on the rampage to destroy the Jedi.

The lesson: Malware often sits quietly inside your systems until it is triggered either by an action you take, or by an external attacker.  Make sure you have purchased anti-virus software which is maintained, so that it can stay up-to-date with the latest threats.  Don't let Order 66 be YOUR downfall!

Jedi Mind Tricks; Social Engineering at its best
Throughout the saga, we see the Jedi use mind tricks to bypass the Empires technical controls. Remember the line "These are not the droids you're looking for.."? A recent malicious attacker used a 'self-mutating' virus that effectively told the anti-virus "I am not a virus... allow me to continue". (Spoiler: It failed, but it shows what the attackers are now doing!)

The Lesson: Don't rely on technical controls to protect you. You need to be alive to the fact that Cybercriminals and scammers are always trying to trick you into giving over more information.  If you have staff, train them on what to look out for when it comes to phishing attacks - not just grammatical errors, but the emotions that the scammer is trying to illicit. Scammers are using AI to be more effective (just like you are!), so we need to be aware of the human aspects of security, and how we (as people) can be tricked into acting against our own interests.

CONCLUSION
Are you convinced that the Star Wars saga are Security movies now?! I could go on (but I'm sure you don't want me to! 😅)...

The truth of the matter is this... technology can only take us so far - we also have to trust our instincts, and use the 'Force' within us. If something doesn't feel right... then trust your gut. It's known as the 'second brain' for a reason!

If you're struggling with Security and/or would like to discuss the topic further (or Star Wars! 😃) get in touch... oh... and one last thing...


May the Force Be With You... Always.