Light Dark
April 12, 2022 By Josh Nadeau 4 min read
Risk Management
Security Services
Threat Hunting

When you play a video game, you probably want to win, or at least show off real skill. Cheaters make it a lot less fun, according to a recent Irdeto Global Gaming Survey.

It says 60% of all online video game players across the globe have had their gaming time negatively impacted by cheaters. These digital cheaters use various methods at their disposal, including viruses, exploits and hardware and software modifications. Some can even bypass anti-cheat systems, giving them an edge over other players.

On the surface, this may seem like an issue limited to gaming developers and their consumers. However, the increase of cyber cheaters raises more awareness about similar vulnerabilities. Some of these are already present in many modern IT infrastructures. Do you work with security systems operating in a hybrid work environment spread across multiple personal devices and off-site hardware? You might face similar issues that game developers see when it comes to a lack of visibility and control.

What can IT experts working on security across multiple organizations learn from gaming?

Online gaming to win

Online multiplayer games are becoming more and more popular. In the face of this, game developers have struggled to keep up with the demand for new content. At the same time, they need to ensure that their games are fair and balanced for all players. Cheating has always been a problem in the world of gaming. As tech advances, so too do the methods used by cheaters.

A common way online gaming cheaters gain an advantage is by using software exploits. These are vulnerabilities within the code of a game that malicious players can exploit to gain an unfair advantage. Some may be simple bugs that allow players to move faster than intended. More sophisticated techniques let players see through walls or control other players’ characters.

While cheaters create some exploits on purpose to give themselves an edge, others are discovered by accident. In either case, game developers must act quickly to fix the exploit and release a patch to update the game code. However, as many gamers are aware, not all game developers release patches in a timely manner, or even at all. This can leave players open to exploitation for weeks or even months.

Online gaming at work

Online gamers can ‘beat the system’ by modifying gaming code stored on their local machines. Of course, this is out of the control of development teams. It’s not unlike how malicious actors can exploit vulnerabilities in a modern IT infrastructure.

Lack of visibility and direct control are the key. Developers can’t always control how gamers access and change gaming code. That’s the same struggle that many modern IT system admins face.

In addition, businesses are moving away from on-premises IT infrastructure models and towards hybrid workforces. They are opening themselves to new attack vectors more and more. In these hybrid environments, people use off-site hardware and personal devices to access company data and apps. This creates a complex network of access points that are difficult to monitor and secure.

Modern IT systems are also becoming less centralized, with data and apps spread across multiple on-premises and cloud-based servers. This creates gaps in visibility and control that attackers can exploit. Just as game developers must create a level playing field for all players, IT admins must work to secure data and apps across a decentralized network. That’s true regardless of where the data are located. But driving this type of initiative requires a shift in thinking. We have to accept that many security models are outdated.

Securing data with less physical control

The concept of zero trust security has been gaining traction in recent years to secure digital environments with less physical control. Zero trust is based on the principle that all users should be treated as untrusted entities regardless of their location or device. This means that instead of relying on perimeter-based models, you should focus on securing data and apps at the user level.

User identity and access management (IAM) is a critical component of zero trust security. It allows administrators to control at a granular level which users have access to which data and applications. In addition, IAM platforms let businesses quickly onboard and off-board employees, enforce multi-factor authentication and track user behavior.

Another effective way to secure digital environments is through micro-segmentation. This involves creating small, isolated security zones within a network. Segmenting the network in this way makes it much more difficult for attackers to move side to side and access sensitive data.

What else can you do outside of using zero trust security models and IAM platforms? There are several options:

  • Patching systems and apps often
  • Take care when monitoring systems and networks for intrusion
  • Training employees in cybersecurity best practices
  • Conducting regular risk assessments
  • Using comprehensive incident response plans.

By taking these proactive measures, businesses can make it more difficult for attackers to exploit vulnerabilities in their IT infrastructure and better protect themselves against the ever-evolving threat landscape.

Moving forward

The trend of online gaming cheaters teaches us a great deal about the current state of cybersecurity. There is now a renewed sense of awareness when it comes to the dangers that decentralized networks can pose. In order for organizations to protect themselves, it’s essential that they adopt a more disciplined and proactive approach. By turning attention to the benefits of zero trust models, it’s possible to build an IT infrastructure that is much more resilient to modern-day attacks and reduces attack surfaces.

 |  |  |  | 
Josh Nadeau
Cybersecurity Writer

More from Risk Management
January 28, 2025

4 trends in software supply chain security

4 min read - Some of the biggest and most infamous cyberattacks of the past decade were caused by a security breakdown in the software supply chain. SolarWinds was probably the most well-known, but it was not alone. Incidents against companies like Equifax and tools like MOVEit also wreaked havoc for organizations and customers whose sensitive information was compromised.Expect to see more software supply chain attacks moving forward. According to ReversingLabs' The State of Software Supply Chain Security 2024 study, attacks against the software…

January 24, 2025

How cyberattacks on grocery stores could threaten food security

4 min read - Grocery store shoppers at many chains recently ran into an unwelcome surprise: empty shelves and delayed prescriptions. In early November, Ahold Delhaize USA was the victim of a cyberattack that significantly disrupted operations at more than 2,000 stores, including Hannaford, Food Lion and Stop and Shop. Specific details of the nature of the attack have not yet been publicly released.Because the attack affected many digital systems, some stores were not able to accept credit/debit cards, while others had to shut…

January 23, 2025

Taking the fight to the enemy: Cyber persistence strategy gains momentum

4 min read - The nature of cyber warfare has evolved rapidly over the last decade, forcing the world’s governments and industries to reimagine their cybersecurity strategies. While deterrence and reactive defenses once dominated the conversation, the emergence of cyber persistence — actively hunting down threats before they materialize — has become the new frontier. This shift, spearheaded by the United States and rapidly adopted by its allies, highlights the realization that defense alone is no longer enough to secure cyberspace.The momentum behind this…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature