The Paris Olympics: More Than Just Gold Medals Are At Stake

Uploaded on 2024-08-05 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

The Olympic Games generates a worldwide buzz that goes far beyond sporting excitement. Since the first Games in 1896, this event has been an opportunity to promote understanding and peace among nations in the spirit of friendly competition. However, in today’s digital world, more than gold medals are at stake when it comes to this year’s iconic sporting event. 

The Games have gradually become a target for cyber criminals, who see it as a way to cause major disruption on the world stage.

The Tokyo Games recorded 450 million cyber attacks. The Paris Games are expected to see 8 to 10 times as many attempts. Even before the Games began, Microsoft’s Threat Analysis Centre warned against ‘malign disinformation campaigns’ exploiting AI. Technological developments, interconnected networks and a complex geopolitical landscape all contribute to this increased vulnerability. It is therefore crucial for all stakeholders to remain vigilant and to see these events as a lever for collective awareness of cyber threats. 

Eyes Wide Open On Security

Measures have been put in place from the outset to guard against potential attacks. The ‘JOP Massifié’ exercise kit, provided by the French Cybersecurity Agency ANSSI, has been invaluable. Intrusion and network surveillance tests have also been carried out beforehand, as well as the application of new systems such as algorithmic video surveillance (VSA), which was tested at Taylor Swift's Paris concerts in the spring. 

With threats ranging from deepfakes, to ransomware and social engineering tactics, all of which can hack into systems and sensitive data, what appears to be a simple disruption can become a major security breach. Public infrastructure is a prime target, given the huge crowds of spectators at the Games.  The telecommunications sector, with the multitude of exchanges over the coming few weeks, is particularly at risk, as are hospitality and transport industries, with an increase in the number of visitors to sites. Online,  have already tried to lure consumers with fake tickets.    

Between tourists, athletes, sports federations, partner companies and public authorities, the playground for hackers is virtually unlimited. So, it's vital to keep a close eye on potential threats, given the chain reactions they can provoke.

What's at stake is not only national - and international - security, but also the economic losses that could result from a massive attack. Everyone can contribute to the success of the Olympic Games by adopting simple and effective measures. 

A Digital Race Against The Clock 

In today's environment, with the rapid development of new technologies, companies mustn’t be content with spot checks of identities to protect themselves against potential threats. They need to be on constant alert and equip themselves with the tools they need to ensure their security. This is crucial for every company involved in the Olympics’ ecosystem. In an Olympic-sized supply chain of permanent staff, contractors and volunteers, everyone has a role to play in analysing access levels in their system. 

The HR department is particularly on the front line because of the sensitive data it processes and the authorisation it grants for a wide range of personnel.

From permanent workers in the International Olympic Committee, to temporary workers and contractors such as event coordinators, security and hospitality staff, HR must work closely with IT to implement stringent identity security controls and grant access on a need-to-know basis only. This is crucial to prevent gaps from opening up and the wrong identities creeping into systems. 

It is also crucial to empower every member of the organisation, whatever their role, whether they are employees or external collaborators. Fluid communication between departments is essential, as is prevention and training for stakeholders. 

Simulations and resilience testing, such as those provided by the ECB to banks to assess their ability to recover from a cyber attack, are an effective way to monitor the threat landscape and ensure preparedness in the event of an attempted breach. With this in mind, European legislation, with NIS2 next October and DORA in January 2025, will establish a new framework and is helping to increase levels of preparedness across industries. This is particularly the case with identity security, given user access points are often a frequent entry point for attacks.
In a high-risk context such as the Olympic Games, it is essential to put in place basic principles such as zero trust, where no access is considered reliable by default. A holistic view of corporate access must be adopted to ensure proper authorisation and to minimise the risk of gaps in security posture. An identity security solution that can grow with the size of the business and adapt to day-to-day changes is also essential.

In short, cyber security during major events is a collective challenge requiring vigilance, preparation and cooperation at all levels.

A unified identity security strategy enabling visibility across the digital ecosystem and ongoing team training are all key to guaranteeing the security and smooth running of large-scale events. Every individual and every organisation must play their part in countering threats and ensuring their success.

Steve Bradford is Senior Vice President EMEA at SailPoint

Image: Ideogram

You Might Also Read:

AI At The Paris 2024 Olympics

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Russian Cyberwar Methods Are Evolving
Millions Of US Voters Exposed Online »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

SC Media

SC Media

SC Media arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face.

CloudDNA

CloudDNA

CloudDNA deliver solutions that enable users and devices to connect over high performance, secure, efficient, scalable cloud networks.

SQA Service

SQA Service

SQA Service provide independent software and process Quality Assurance services.

Computer Forensics Consult (CFC)

Computer Forensics Consult (CFC)

Computer Forensics Consult provides disaster recovery, computer forensics, electronic discovery and litigation support services in the growing area of Cyber Security.

National Forensic Sciences University (NFSU) - India

National Forensic Sciences University (NFSU) - India

National Forensic Sciences University is the world’s first and only University dedicated to Digital Forensic and allied Sciences.

ValueMentor

ValueMentor

ValueMentor is a leading cyber security service provider in the Middle East. We enable clients to reduce risk by taking a strategic approach to cybersecurity.

Nucleon Security

Nucleon Security

Nucleon Endpoint Detection and Response EDR is the most effective way to protect the value created by your organization against any threat.

Bores Security Consultancy

Bores Security Consultancy

Bores Security Consultancy are an established family-run business delivering expertise in security and technology.

Telindus

Telindus

Telindus is the strategic IT partner for the flexible organization of the future. We build optimal IT infrastructure with four components: networking, cloud, cybersecurity and data & AI.

Accelerynt

Accelerynt

Accelerynt was founded with a singular purpose: help teams like yours build cybersecurity resilience.

Treacle Technologies

Treacle Technologies

Treacle Technologies are a Cyber Security startup with a focus on Defensive Security.

Entitle

Entitle

Entitle's SaaS-based platform automates how permissions are managed, enabling organizations to eliminate bottlenecks and implement robust cloud least privilege access.

Fortress SRM

Fortress SRM

Fortress SRM protects companies from the financial, operational, and emotional trauma of cybercrime by improving the security performance of its people, processes, and technology.

Future Crime Research Foundation (FCRF)

Future Crime Research Foundation (FCRF)

FCRF is a Non-Profit NGO specializing in Research in Cyber Security, Digital Crime, Fraud Risk Management, Cyber Laws and Cyber Forensics.

United Nations Office of Counter-Terrorism (UNOCT)

United Nations Office of Counter-Terrorism (UNOCT)

UNOCT provides UN Member States with the necessary policy support of the UN Global Counter-Terrorism Strategy, and wherever necessary, expedites delivery of technical assistance.

Esentry

Esentry

Esentry systems is a managed security service provider with focus on continuous security monitoring, threat detection, threat analysis and cybersecurity compliance.