Like many of my high-tech colleagues I am an avid Game of Thrones viewer. However, its appeal is much broader. The series is set in a historical fictional medieval world made of seven kingdoms, all struggling for power in a tense battle between good and evil. No character is safe, and this unpredictably delights audiences by keeping them on their toes not being able to guess what comes next.
In fact, Game of Thrones shattered HBO’s viewership record with more than tuning in for its season 7 debut in July. No doubt this record-breaking show is the crown jewel of HBO and guarded like Fort Knox, right?
As a published author on articles on content governance and analytics, my interest piqued as I learned about HBO’s data breach of Game of Thrones. How relevant to my recent article, “,” where I discuss how 57 percent of breaches are internal and the steps companies can take to better protect themselves.
While most of them are from well-intended employees, the malicious insiders are more dangerous and costly to operations (per New York State Security Breach Reporting 2006-2013). Why? A malicious insider is rarely monitored and knows the location of the most valuable content, so the potential damage exceeds that of the external hacker.
of Game of Thrones before they broadcast, all at the hands of inside affiliates. Four employees or former employees of Star India, which has the rights to air the series in that country, have been arrested for . Separately, HBO accused its third-party Nordic and Spanish distributors for an error that caused the sixth episode to be leaked before its broadcast.
The struggles that HBO is facing are prime examples of a breach of confidentiality by a trusted user or group who bypassed multiple security controls to leak sensitive intellectual property.
The first step to better protection is knowing what and where your most valuable content is—or for Game of Thrones, your most valuable kingdom. Like kingdoms, not all content is created equal. Would you place more emphasis guarding Eastern Essos or King’s Landing? King’s Landing, the royal capital of Westeros, has rich and fertile lands, has access to the sea, and is home to the Iron Throne and ruler of the Seven Kingdoms—an obvious target for conquest.
Similarly, would you place equal resources on marketing collateral leads as you do core intellectual property, contractual obligations, and regulated content to comply with Payment Card Industry (PCI) standards or the Health Insurance Portability and Accountability Act (HIPAA)? Do you treat them differently? You should.