What Is Block And Tackle In Cybersecurity?

By: Mike Burgard
February 28, 2022

In the wake of the recent ransomware attack on the San Francisco 49ers, it's a bit "on the nose" to explain block and tackle cybersecurity. But as ransomware groups are becoming more professionalized in how they select their victims and carry out their attacks, it's urgent that even small to midsize businesses, nonprofits, schools and other government organizations take cybersecurity threats more seriously.

In 2021, according to the European Union Agency for Cybersecurity, there was a 150% increase in ransomware attacks, and the agency expects that number will continue to rise in 2022. This sharp increase in the number and severity of cyber attacks is why many top cybersecurity companies no longer assume prevention efforts are enough. After all, if there's no penalty for initiating an attack, and hundreds of thousands of dollars can be gained, cyber criminals have every incentive to continue.

To confront these increasingly sophisticated attacks, more and more highly skilled IT cybersecurity experts are going on the offense…which is where block and tackle strategies come into play.

Modern Cybersecurity For Dummies

If you're familiar with rigging or remember your high school physics lessons, block and tackle typically refers to a pulley system that's designed to lift heavy loads. But block and tackle as it's known in the cybersecurity world is actually a football metaphor, and refers to playing both offense and defense.


Defense is where traditional business cybersecurity is rooted, and it includes patching software and addressing system vulnerabilities as well as tools like firewalls and antivirus software. In essence, these methods help block hackers from accessing a business's network.

In football, it's often said that the best defense is a good offense. In modern cybersecurity, businesses that want to maintain a robust defense should at least consider a few offensive strategies: in essence, seeking out any hackers who have infiltrated their network, and "tackling" them before they're able to do any damage. Additionally, cybersecurity experts can hack cyber criminals right back, and probe existing defenses to identify vulnerabilities.

Building A Better Defense Is Key

If the increase in cyber attacks and their severity makes basic cybersecurity seem like an impossible goal, don't despair. Experts estimate that 80% of cyber attacks are preventable if organizations maintain a decent firewall, protect against malware, keep up with patches, take steps to secure their devices and admin accounts, and regularly train their employees on phishing schemes and data security.

Unfortunately, 43% of small to mid-sized businesses don't have a cybersecurity plan of any kind, and according to a study by the Ponemon Institute, which surveyed over 1,800 IT professionals, 58% of respondents said that their organizations weren't tolerant of the downtime needed to apply necessary patches. Furthermore, of those respondents who reported they'd been attacked in the last two years, 42% said the breach had occurred because a patch wasn't applied for a known vulnerability.

Prevention efforts really are sufficient to ward off most casual attacks, and should never be dismissed. But if someone really wants to hack your organization, even the toughest defenses can be breached. That's not an excuse to give up, but it is a reason to add more tools and strategies.

Going On The Offense

What if your organization could identify any attacks and stop them immediately? And what if your organization also probed its own defenses to identify vulnerabilities before hackers did? The threat of any attack would be reduced significantly, which is why including some offensive strategies in your cybersecurity playbook can be a total game-changer.

But first, an important mindset shift must occur. Many business owners have lost sleep wondering if they will be victimized by ransomware or phishing schemes. While it's a good thing that cybersecurity is starting to get more attention, today it's more realistic to think in terms of when, not if. Cybersecurity professionals have a term for this mindset: Assume Breach Mentality. In 2022, experts predict a cyberattack will occur every 11 seconds; that's twice the rate of 2019. Therefore, an Assume Breach Mentality isn't pessimistic; it's realistic.

There is another term that's become common in the cybersecurity world, and that's Zero Trust Architecture. Basically, it's the end result of an Assume Breach Mentality, and includes a number of threat detection strategies. As the name suggests, a system designed with Zero Trust Architecture doesn't automatically grant trust to anyone on your business's network. Instead, the system works to identify users on all networked devices, maintain tight controls over who has access to what, and constantly monitor for unauthorized access.

Zero Trust Architecture may sound high-maintenance. But if it's set up correctly, it doesn't have to be. Marco's world-class team of cybersecurity professionals can help you choose the best mix of tools to keep your business safer, smarter and more secure. 
