Insider Misuse - The Lannisters of Casterly Rock

By Jeff Aldorisio

Posted on Apr 26, 2019

Although they do not put “fun” in dysfunctional, the Lannisters of Casterly Rock are likely the most discordant Westerosi family. Whether it is power-hungry Cersei or disaffected Tyrion, the internal strife within the Lannister family may lead to them losing the Iron Throne, just as the internal strife within an organization can lead to data loss.

The Accidental Misuser: Jaime Lannister

Users move throughout organizations and require different access to enterprise data throughout their employment life cycle. With the proliferation of identities across cloud infrastructures, monitoring data access and use becomes increasingly difficult. Thus, users often retain access to resources, such as Software-as-a-Service (SaaS) platforms, even after they no longer need them.

Jaime Lannister exemplifies the employee life cycle - moving between Kingsguard, Casterly Rock, and King’s Landing. As both Cersei’s brother and lover, he inhabits multiple spaces physically and emotionally. Captured by the Starks and later placed in Brienne of Tarth’s custody, Jaime shares information about himself and his family without any intent to harm them. In the same way, the accidental misuser leaks information across the ecosystem.

The Disaffected Employee: Tyrion Lannister

Disaffected employees, unlike neglectful employees, use their access to information to undermine the organization and steal data. Although their access may be limited within the ecosystem, they can exfiltrate information by downloading it and saving it to their own devices. Then, they can choose to sell it on the Dark Web or simply undermine the data’s integrity to cause disruption.

Tyrion, in the same way, uses his knowledge of his family to undermine them. As Tywin Lannister’s youngest son, he acts as the Hand of the King to Prince Joffrey but finds himself demoted and later framed for the Prince’s murder. After he flees King’s Landing, Jorah Mormont captures him and takes him to Daenerys Targaryen, to whom he pledges his loyalty, ultimately becoming her advisor and using his knowledge of his family to undermine them. Thus, Tyrion’s ability to take his family’s secrets and use them to create strategies to help Daenerys makes him the Lannister disaffected employee.

The Privileged User: Cersei Lannister

Privileged users have unique access to systems and networks. Their administrative rights make them “super users” - people or applications who can control access to sensitive systems and data. Privileged access can mean anything from configuring systems to deploying patches, which means that maintaining control over these users becomes more important than ever.

As Tywin Lannister’s wife and mother to the Lannister heirs, Cersei acts as a privileged user. She controls the children, arranging marriages and seating herself as the de facto queen. After Tywin’s death, she ultimately negotiates power for herself and, despite a few bumps in her pursuit of power, currently sits on the Iron Throne ruling the Seven Kingdoms. Yet her path to power included underhanded machinations and control over a variety of people. As the old saying goes, power corrupts and absolute power corrupts absolutely. As the corrupted absolute power holder, Cersei represents the potential problems associated with the privileged user who chooses to use their unique rights to undermine the organization’s data protection.

Thus, insider misuse of access and data can undermine data security controls in the same way that the Lannisters’ internal politics undermine their power.
