Threat Misdirection: What the Titanic Can Teach Us About Cybersecurity

“I cannot imagine any condition which would cause a ship to founder. I cannot conceive of any vital disaster happening to this vessel. Modern shipbuilding has gone beyond that.” – Captain Edward Smith, Commander of Titanic

RMS Titanic was a passenger liner designed to be the “last word” in luxury ship travel. In addition to lavish cabins, first-class passengers enjoyed a variety of onboard amenities such as libraries, fine dining restaurants, a swimming pool, Turkish baths, a gymnasium with all the latest equipment, and a powerful wireless telegraph they could use to send messages to friends and family. The ship was the largest at sea when she set sail on her maiden voyage, carrying more than 2,220 passengers and crew.

On April 15, 1912, the Titanic collided with an iceberg.

You know the rest of the story. Or do you?

You probably believe that an iceberg sank the Titanic. A fair guess, but an incorrect one when we take a closer look. That iceberg was an organic, unthinking object, merely a condition of the environment.

“Okay,” you must be thinking. “If it wasn’t the iceberg, then it was the captain’s fault.”

Unfortunately, that’s not quite right either. While the captain was a decision-making entity, he too was just a condition of the overall environment in which the ship sank. So, what is the real answer? What truly sank the Titanic?

Water.

In fact, in every case of a sinking ship, no matter the circumstances or the level of infamy associated with the sinking, the water was to blame. Skeptical? We can prove that idea by taking a ship and its captain to dry land and trying to sink them there. A little difficult, right?

There was a lot of fanfare surrounding the idea that the Titanic was “unsinkable.” Captain Smith couldn’t imagine a single scenario in which his ship might end up on the ocean floor. And he wasn’t alone. Philip Franklin, the Vice President of the White Star Line, said, “I thought her unsinkable and I based my opinion on the best expert advice.”

Let’s consider your organization for a moment. Do you have experts on your team telling you that you’re absolutely protected from a cyberattack or from being the victim of cybercrime? Do you believe them?

Consider your environment. Think about your organization as the Titanic, within the context of cybersecurity. Your adversaries are the iceberg. Water is opportunity – and opportunity is neither good nor bad. It just is. The water that sank the Titanic is the same water that provides safe voyage for thousands upon thousands of other ships every day. It is opportunity. It may present us with success or failure.

If we cannot blame the iceberg or the captain for the sinking of the Titanic, we cannot blame cybercriminals or technological vulnerabilities for cybersecurity incidents. We need to look at the bigger picture.

When you think about cybersecurity, think about what really happened.

After the Titanic sank, people wanted to know three things: why did it happen, who could they blame, and could it have been prevented? You’ll probably ask yourself those same questions when you face a cyberattack. Those seeking answers to the Titanic tragedy found a few things to blame: substandard rivets, not enough lifeboats, weakness in the hull, and other vulnerabilities. And you’ll probably find some answers to your own questions: a stolen laptop, bad passwords, weak access controls, etc.

But don’t focus on the rivets, the iceberg, or the captain.

Look at the water.

What is the opportunity?

In the end, the maritime industry learned something from the Titanic. Today, many organizations are learning similar lessons from their own cybersecurity incidents and the seemingly near-weekly news of data breaches and incidents at other companies. The corporate approach to cybersecurity is changing as organizations realize it’s not “if” but “when” they will be targeted.

The sinking of the Titanic revealed a multitude of operational and administrative failures. In response, new maritime regulations were released to prevent future disasters and, as a result, sea travel was made safer for all.

When thinking about your business, what has a cybersecurity incident revealed? What failures are you now aware of that you can address? In what ways can this incident make your data safer going forward?

A cyberattack will not have the same deadly results as the Titanic disaster, but it will cause significant financial and reputational damage to the company that experiences it.

Make sure your cybersecurity program isn’t the equivalent of rearranging the deck chairs on the Titanic.

About The Author: GreyCastle Security

GreyCastle Security is the industry’s leading provider of cybersecurity risk assessment, advisory and mitigation services. The company was founded to help organizations establish effective cybersecurity programs, minimize the impact of security incidents and simplify regulatory compliance. GreyCastle Security services clients throughout North America, specializing in cybersecurity for healthcare, higher education, technology, financial services, manufacturing, retail and critical infrastructure.

GreyCastle Security’s innovative approach to service delivery completely eradicates an organization’s need to recruit and retain cybersecurity talent. GreyCastle Security’s award-winning cybersecurity programs are delivered continuously and managed proactively by certified experts, including risk assessment, vulnerability assessment, penetration testing, incident response, awareness and governance.

GreyCastle Security is a subsidiary of Assured Information Security (AIS).