[May the 4th] How Security Awareness Training Could Have Saved the Death Star

It's May the 4th, a holiday that celebrates our love for a galaxy far, far, away - Star Wars! I can't help but share some cybersecurity learning lessons from one of my favorite Sci-Fi movie series.

For example, lax security allowed for the theft of a single data file that would cripple the Galactic Empire by leading to the destruction of the Death Star during Rogue One: A Star Wars story. Implementation of a more advanced security protocol, which includes a comprehensive employee security awareness program, could have likely prevented this breach from occurring in the first place.

Let's dive in...

Galen: Insider Threat From a Privileged User

He was definitely a disgruntled employee and designed hidden fatal exhaust port flow in Death Star plans
Was an influence to Bodhi and convinced him to deliver data on the exhaust port
1. Employees loyal to The Empire were likely not trained to recognize signs
2. Trained employees would know that if you see something, say something!

Scarif Overall Planet Security: Weak

People could enter/exit the planet without regulation by the deflector shield
Rely on clearance codes to control in/outgoing ships
1. Clearance code used for stolen cargo shuttle still was active
Allowed Rogue One crew to land at the Citadel Tower on Scarif without additional security protocols
The deflector shield was left open unless an emergency happens
X-wings were able to fly into Scarif before the shield closes
1. Clearance codes should have been more closely monitored and deactivated
2. A lack of awareness of physical security threats is like leaving your front door open with a lazy security guard

Citadel Tower Security: Even Worse

Virtually no ID scan or check once you land at the facility
Rogue One crew overtakes security officers, seals their clothes; no one notices!
1. This is security 101 - you should always have employed multiple levels of authorized access and trained employees to be more vigilant
K2SO hacks into random robot and gets entire facility map
1. A lesson in restricting employee access
Death Star plans are on one physical file and it's easily accessible
1. You should NEVER store all your most sensitive data in one place
2. Was this data even encrypted?

Long story short: A single security breach can have devastating consequences on an organization, whether it's a company or a murderous Galactic Empire.

Don't let a series of events, many of which could have been prevented with a strong security culture bring your organization to its knees. New-school security awareness training, on the large scale and small, are everyone's responsibility to keep top of mind.

The world's largest library of security awareness training content is now just a click away!

In your fight against phishing and social engineering you can now deploy the best-in-class simulated phishing platform combined with the world's largest library of security awareness training content; including 1000+ interactive modules, videos, games, posters and newsletters.

You can now get access to our new ModStore Preview Portal to see our full library of security awareness content; you can browse, search by title, category, language or content topics.

The ModStore Preview includes: