The Paris Olympics: More Than Just Gold Medals Are At Stake

Uploaded on 2024-08-05 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

The Olympic Games generates a worldwide buzz that goes far beyond sporting excitement. Since the first Games in 1896, this event has been an opportunity to promote understanding and peace among nations in the spirit of friendly competition. However, in today’s digital world, more than gold medals are at stake when it comes to this year’s iconic sporting event. 

The Games have gradually become a target for cyber criminals, who see it as a way to cause major disruption on the world stage.

The Tokyo Games recorded 450 million cyber attacks. The Paris Games are expected to see 8 to 10 times as many attempts. Even before the Games began, Microsoft’s Threat Analysis Centre warned against ‘malign disinformation campaigns’ exploiting AI. Technological developments, interconnected networks and a complex geopolitical landscape all contribute to this increased vulnerability. It is therefore crucial for all stakeholders to remain vigilant and to see these events as a lever for collective awareness of cyber threats. 

Eyes Wide Open On Security

Measures have been put in place from the outset to guard against potential attacks. The ‘JOP Massifié’ exercise kit, provided by the French Cybersecurity Agency ANSSI, has been invaluable. Intrusion and network surveillance tests have also been carried out beforehand, as well as the application of new systems such as algorithmic video surveillance (VSA), which was tested at Taylor Swift's Paris concerts in the spring. 

With threats ranging from deepfakes, to ransomware and social engineering tactics, all of which can hack into systems and sensitive data, what appears to be a simple disruption can become a major security breach. Public infrastructure is a prime target, given the huge crowds of spectators at the Games.  The telecommunications sector, with the multitude of exchanges over the coming few weeks, is particularly at risk, as are hospitality and transport industries, with an increase in the number of visitors to sites. Online,  have already tried to lure consumers with fake tickets.    

Between tourists, athletes, sports federations, partner companies and public authorities, the playground for hackers is virtually unlimited. So, it's vital to keep a close eye on potential threats, given the chain reactions they can provoke.

What's at stake is not only national - and international - security, but also the economic losses that could result from a massive attack. Everyone can contribute to the success of the Olympic Games by adopting simple and effective measures. 

A Digital Race Against The Clock 

In today's environment, with the rapid development of new technologies, companies mustn’t be content with spot checks of identities to protect themselves against potential threats. They need to be on constant alert and equip themselves with the tools they need to ensure their security. This is crucial for every company involved in the Olympics’ ecosystem. In an Olympic-sized supply chain of permanent staff, contractors and volunteers, everyone has a role to play in analysing access levels in their system. 

The HR department is particularly on the front line because of the sensitive data it processes and the authorisation it grants for a wide range of personnel.

From permanent workers in the International Olympic Committee, to temporary workers and contractors such as event coordinators, security and hospitality staff, HR must work closely with IT to implement stringent identity security controls and grant access on a need-to-know basis only. This is crucial to prevent gaps from opening up and the wrong identities creeping into systems. 

It is also crucial to empower every member of the organisation, whatever their role, whether they are employees or external collaborators. Fluid communication between departments is essential, as is prevention and training for stakeholders. 

Simulations and resilience testing, such as those provided by the ECB to banks to assess their ability to recover from a cyber attack, are an effective way to monitor the threat landscape and ensure preparedness in the event of an attempted breach. With this in mind, European legislation, with NIS2 next October and DORA in January 2025, will establish a new framework and is helping to increase levels of preparedness across industries. This is particularly the case with identity security, given user access points are often a frequent entry point for attacks.
In a high-risk context such as the Olympic Games, it is essential to put in place basic principles such as zero trust, where no access is considered reliable by default. A holistic view of corporate access must be adopted to ensure proper authorisation and to minimise the risk of gaps in security posture. An identity security solution that can grow with the size of the business and adapt to day-to-day changes is also essential.

In short, cyber security during major events is a collective challenge requiring vigilance, preparation and cooperation at all levels.

A unified identity security strategy enabling visibility across the digital ecosystem and ongoing team training are all key to guaranteeing the security and smooth running of large-scale events. Every individual and every organisation must play their part in countering threats and ensuring their success.

Steve Bradford is Senior Vice President EMEA at SailPoint

Image: Ideogram

You Might Also Read:

AI At The Paris 2024 Olympics

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Russian Cyberwar Methods Are Evolving
Millions Of US Voters Exposed Online »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

AlgoSec

AlgoSec

The AlgoSec platform enables the world’s most complex organizations to gain visibility, reduce risk and process changes at zero-touch across the hybrid network.

Metasploit

Metasploit

Metasploit penetration testing software helps find security issues, verify vulnerabilities and manage security assessments.

Leviathan Security Group

Leviathan Security Group

Leviathan provides a broad set of information security services ranging from low-level technical engineering to strategic business consulting.

Identity Automation

Identity Automation

Identity Automation is a leading provider of Identity and Access Management software.

BlueID

BlueID

BlueID is an IDaaS technology product which enables your objects to securely connect and interact with your users’ smart phones and smart watches.

VerifyMe

VerifyMe

VerifyMe is a global technology solutions company delivering brand protection offerings to mitigate counterfeiting, product diversion, and illicit trade.

Bolton Labs

Bolton Labs

Bolton Labs is a leading provider cybersecurity services, tools, and analysis for MSPs and organizations who want to scale their security offerings.

Advanced Systems International SAC

Advanced Systems International SAC

Advanced Systems international is a global company dedicated to data security software design, development, support, and licensing.

Xage Security

Xage Security

Xage is the world’s first blockchain-protected security platform for Industrial IoT.

Lineal Services

Lineal Services

Lineal supports clients in meeting their digital forensics, cyber security and eDiscovery needs by providing bespoke solutions to complex problems.

Cynexlink

Cynexlink

Cynexlink offers Managed IT Services with Security, Network, Storage & Cloud solutions for all size of business.

ditno

ditno

ditno uses machine learning to help you build a fully governed and micro-segmented network. Dramatically mitigate risk and prevent lateral movement across your organisation – all from one centralised

The Citadel Department of Defense Cyber Institute (CDCI)

The Citadel Department of Defense Cyber Institute (CDCI)

CDCI is established to address the critical national security needed for a skilled cybersecurity workforce.

Intaso

Intaso

Intaso are a boutique head hunting and talent solution firm with specialist Cyber and Information Security expertise.

Privasee

Privasee

Make GDPR compliance simple with Privasee. Our software makes it easy to protect your data and ensure you’re compliant with the new regulations.

FusionAuth

FusionAuth

FusionAuth is the customer authentication and authorization platform that makes developers' lives awesome.