The Paris Olympics: More Than Just Gold Medals Are At Stake

Uploaded on 2024-08-05 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

The Olympic Games generates a worldwide buzz that goes far beyond sporting excitement. Since the first Games in 1896, this event has been an opportunity to promote understanding and peace among nations in the spirit of friendly competition. However, in today’s digital world, more than gold medals are at stake when it comes to this year’s iconic sporting event. 

The Games have gradually become a target for cyber criminals, who see it as a way to cause major disruption on the world stage.

The Tokyo Games recorded 450 million cyber attacks. The Paris Games are expected to see 8 to 10 times as many attempts. Even before the Games began, Microsoft’s Threat Analysis Centre warned against ‘malign disinformation campaigns’ exploiting AI. Technological developments, interconnected networks and a complex geopolitical landscape all contribute to this increased vulnerability. It is therefore crucial for all stakeholders to remain vigilant and to see these events as a lever for collective awareness of cyber threats. 

Eyes Wide Open On Security

Measures have been put in place from the outset to guard against potential attacks. The ‘JOP Massifié’ exercise kit, provided by the French Cybersecurity Agency ANSSI, has been invaluable. Intrusion and network surveillance tests have also been carried out beforehand, as well as the application of new systems such as algorithmic video surveillance (VSA), which was tested at Taylor Swift's Paris concerts in the spring. 

With threats ranging from deepfakes, to ransomware and social engineering tactics, all of which can hack into systems and sensitive data, what appears to be a simple disruption can become a major security breach. Public infrastructure is a prime target, given the huge crowds of spectators at the Games.  The telecommunications sector, with the multitude of exchanges over the coming few weeks, is particularly at risk, as are hospitality and transport industries, with an increase in the number of visitors to sites. Online,  have already tried to lure consumers with fake tickets.    

Between tourists, athletes, sports federations, partner companies and public authorities, the playground for hackers is virtually unlimited. So, it's vital to keep a close eye on potential threats, given the chain reactions they can provoke.

What's at stake is not only national - and international - security, but also the economic losses that could result from a massive attack. Everyone can contribute to the success of the Olympic Games by adopting simple and effective measures. 

A Digital Race Against The Clock 

In today's environment, with the rapid development of new technologies, companies mustn’t be content with spot checks of identities to protect themselves against potential threats. They need to be on constant alert and equip themselves with the tools they need to ensure their security. This is crucial for every company involved in the Olympics’ ecosystem. In an Olympic-sized supply chain of permanent staff, contractors and volunteers, everyone has a role to play in analysing access levels in their system. 

The HR department is particularly on the front line because of the sensitive data it processes and the authorisation it grants for a wide range of personnel.

From permanent workers in the International Olympic Committee, to temporary workers and contractors such as event coordinators, security and hospitality staff, HR must work closely with IT to implement stringent identity security controls and grant access on a need-to-know basis only. This is crucial to prevent gaps from opening up and the wrong identities creeping into systems. 

It is also crucial to empower every member of the organisation, whatever their role, whether they are employees or external collaborators. Fluid communication between departments is essential, as is prevention and training for stakeholders. 

Simulations and resilience testing, such as those provided by the ECB to banks to assess their ability to recover from a cyber attack, are an effective way to monitor the threat landscape and ensure preparedness in the event of an attempted breach. With this in mind, European legislation, with NIS2 next October and DORA in January 2025, will establish a new framework and is helping to increase levels of preparedness across industries. This is particularly the case with identity security, given user access points are often a frequent entry point for attacks.
In a high-risk context such as the Olympic Games, it is essential to put in place basic principles such as zero trust, where no access is considered reliable by default. A holistic view of corporate access must be adopted to ensure proper authorisation and to minimise the risk of gaps in security posture. An identity security solution that can grow with the size of the business and adapt to day-to-day changes is also essential.

In short, cyber security during major events is a collective challenge requiring vigilance, preparation and cooperation at all levels.

A unified identity security strategy enabling visibility across the digital ecosystem and ongoing team training are all key to guaranteeing the security and smooth running of large-scale events. Every individual and every organisation must play their part in countering threats and ensuring their success.

Steve Bradford is Senior Vice President EMEA at SailPoint

Image: Ideogram

You Might Also Read:

AI At The Paris 2024 Olympics

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Russian Cyberwar Methods Are Evolving
Millions Of US Voters Exposed Online »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

HackerOne

HackerOne

HackerOne was started by hackers and security leaders who are driven by a passion to make the internet safer.

DLA Piper

DLA Piper

DLA Piper is a global law firm with offices throughout the Americas, Asia Pacific, Europe and the Middle East. Practice areas include Cybersecurity.

Critical Infrastructures for Information and Cybersecurity (ICIC)

Critical Infrastructures for Information and Cybersecurity (ICIC)

ICIC addresses the demand for cybersecurity for National Public Sector organizations and civil and private sector organizations in Argentina.

Norton

Norton

NortonLifeLock is dedicated to helping secure the devices, identities, online privacy, and home and family needs of approximately 50 million consumers.

Blue Lights Digital

Blue Lights Digital

Blue Lights Digital have developed a range of platforms to support digital investigations, as well as providing continued support and education for investigations professionals.

FarrPoint

FarrPoint

FarrPoint is a specialist telecoms consultancy providing a range of services including cyber security assessments and technical assurance to safeguard your data.

Cyber Security Austria (CSA)

Cyber Security Austria (CSA)

Cyber Security Austria (CSA) is an independent non-profit association with the aim to address security issues in the area of IT/cyber security of critical/strategic infrastructures in Austria.

C2A Security

C2A Security

C2A Security offers a comprehensive suite of cyber security solutions for the automotive industry, providing in-vehicle end-to-end protection.

CONCORDIA

CONCORDIA

Concordia is a Cybersecurity Competence Network with leading research, technology, and competences to build the European Secure, Resilient and Trusted Ecosystem.

SecZetta

SecZetta

SecZetta provides third-party identity risk solutions that are easy to use, and purpose built to help organizations execute risk-based identity access and lifecycle strategies.

European Cyber Competence Network

European Cyber Competence Network

The purpose of the European Cyber Competence Network is to retain and develop the cybersecurity technological and industrial capacities of the EU necessary to secure its Digital Single Market.

Votiro

Votiro

Votiro is an award-winning cybersecurity company that specializes in file sanitization, ensuring every organization is safe from zero-day and undisclosed attacks.

Astute Technology Management

Astute Technology Management

Astute Technology Management helps businesses take control of their technology and work with greater confidence.

DeviQA

DeviQA

DeviQA provide best-in-class quality assurance services to companies of all sizes.

AuditBoard

AuditBoard

AuditBoard is the leading cloud-based platform transforming audit, risk, ESG, and InfoSec management.

Safe Data Storage

Safe Data Storage

Safe Data Storage offer a fully managed, professional, secure UK-based online backup service to businesses, education and charities.