I still remember watching the U.S. men’s curling team win gold at the 2018 Winter Olympics. Like a lot of Americans, I hadn’t paid much attention to curling before that run. But seeing that team compete—and then stand on top of the podium—changed that. It was exciting, unexpected, and a reminder that mastery often lives in places most people overlook.
For me, curling was already a familiar sight. During my Navy career, I spent time in Canada and got introduced to the sport the proper way: by being told, politely, that it’s not just “shuffleboard on ice.” And in a detail that still makes me smile, the Canadian Navy actually has a national curling center. When a country takes curling seriously enough to institutionalize it, you quickly learn there’s more going on under the surface.
So watching the 2018 gold medal win while I was in Canada? Almost as good as beating them in hockey. (And yes—I’ve been watching, and even playing when I can, ever since.)
At first glance, curling looks simple. Slide a stone. Sweep. Repeat.
But the more you watch, the more you realize it’s a sport built on anticipation, positioning, and control. The best teams aren’t reacting after the stone stops moving—they’re shaping its path while it’s still in motion. They’re thinking several shots ahead and adjusting in real time based on small changes most people never notice.
Cybersecurity works the same way.
Cybersecurity Is About Shaping Outcomes Early
Too often, organizations treat cybersecurity as something reactive—something that kicks in after an alert fires or an incident occurs. But effective cybersecurity isn’t about last-minute heroics. It’s about preparation, visibility, and shaping outcomes before threats ever reach their target.
That means the fundamentals are still the difference-makers:
- Knowing who and what has access to critical systems
- Enforcing strong identity controls and multi-factor authentication
- Monitoring activity to catch unusual behavior early
- Staying current with patching and configuration management
- Training employees to spot common attacks like phishing and social engineering
- Having incident response and recovery plans that are documented and tested
None of these actions are flashy on their own. But together, they build a security posture that’s resilient—because it’s deliberate.
Visibility Provides the Advantage
In curling, teams continuously evaluate the ice: the position of every stone, the angles available, and the consequences of each move. That situational awareness is what allows them to control the game instead of chasing it.
Cybersecurity requires the same kind of visibility.
Organizations need to understand what systems they operate, how data moves, and what “normal” looks like across users and networks. Without that baseline, you’re not defending—you’re guessing.
As environments become more distributed—cloud adoption, hybrid infrastructure, remote access—visibility becomes both more challenging and more essential. Organizations that prioritize it can detect threats earlier, respond faster, and limit impact.
Small Adjustments Prevent Big Problems
One of the most impressive parts of curling is seeing how small adjustments—timing, speed, a slightly different line—can completely change the outcome of a shot.
Cybersecurity is often the same. Incremental improvements can dramatically reduce risk:
- Tightening access based on least privilege
- Segmenting key systems
- Improving logging and alerting
- Running routine vulnerability assessments and audits
- Testing backups and recovery procedures
You don’t have to rebuild everything overnight. Consistent, practical improvements—made intentionally—create lasting resilience.
Cybersecurity Enables Mission Success
At its core, cybersecurity isn’t about technology for technology’s sake. It exists so organizations can operate confidently, protect sensitive information, and maintain continuity when things get noisy.
The goal isn’t perfection. It’s resilience.
At D2S, we help organizations take a practical, mission-focused approach to cybersecurity—strengthening visibility, improving readiness, and building sustainable programs that evolve alongside the threat landscape.
Because in cybersecurity, as in curling, the win rarely comes from reacting at the last second.
It comes from preparation, awareness, and shaping the outcome long before the stone reaches its destination. Go USA.
