Understanding the Past to Prepare for the Future: What Cybersecurity Can Learn From Captain Marvel

Posted on by RSAC Editorial Team

*Warning this post or embedded links may contain spoilers* 

Following last year’s blog series spotlighting Star Wars Episode VIII: The Last Jedi and the film’s connection with cybersecurity, we’d be remiss not to do the same with this year’s biggest action blockbuster to date, Captain Marvel. 

The film is centered around the exploits of Carol Danvers, aka Captain Marvel, who is not only smashing and bashing alien threats but also smashing records at the box office. At time of writing, the motion picture has grossed close to $1 billion since hitting theaters, easily taking top spot as the highest-grossing film of 2019. 

It’s no surprise that the film has been a hit with so many viewers around the world. It follows a woman – and a group of humans and alien species, including a loveable “cat” -- as she tries to piece together her past in hopes that it will help her face off with a clear and present danger. 

Captain Marvel joins a long list of superheroes with a complicated past they are working to uncover. While on a mission to rescue an operative that has infiltrated the villainous alien race known as Skrull, Captain Marvel is kidnapped and subjected to a memory probe. It’s here where Captain Marvel sees pieces of her past she doesn’t remember. After escaping and crash landing onto a foreign planet (Earth circa 1995), Captain Marvel embarks on a mission to figure out who she is and the true capabilities of her powers. 

How does this relate to cybersecurity? You should be asking yourself how this doesn’t relate to cybersecurity, an industry whose huge achievements come with growing pains. And while they can’t exactly destroy enemies with energy blasts from their fingertips, cybersecurity professionals use more terrestrial methods: looking to the past in hopes they can learn from their mistakes and change future outcomes. 

Whether you are a superhero or cybersecurity hero, to be able to plan for future threats you must have a true grasp and understanding of the past. Like Captain Marvel, this includes the bad memories as well as the good ones. Instead of jumping head first into her mission, Captain Marvel traced back her memories and elements from her past to discover that the “villains” who had kidnapped her earlier in the film were actually the good guys looking for their family who Captain Marvel’s former teammates had chased into hiding. Once Captain Marvel had her memories and truth aligned, her current threats didn’t stand a chance. By understanding her past, including the memories of loss as well as the potential of what could be, she was able to harness power that makes her the most powerful superhero in the galaxy and focus on the future

The same can be said for organizations that take time to analyze past cybersecurity successes and failures, both within the industry at large and within their own organizations. A look back at a brief history of cybersecurity reveals countless moments that have helped shape present strategies, tactics, and approaches, and helps us understand mistakes we or our predecessors have made and prior tactics of our adversaries. The more cyber professionals know about the past, the better prepared they are to face today and tomorrow’s adversaries. 

So, where does Captain Marvel go from here? We won’t have that much longer to wait as she joins up with the Avengers in the upcoming movie, Avengers: Endgame, set to hit theaters April 26. Captain Marvel joins a cast of superheroes as they band together to take down a universe shattering foe. We’ll see if the team remembers their previous battles in preparation for their biggest battle yet...

RSAC Editorial Team

Editorial, RSA Conference

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs