The Paris Olympics: More Than Just Gold Medals Are At Stake

Uploaded on 2024-08-05 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

The Olympic Games generates a worldwide buzz that goes far beyond sporting excitement. Since the first Games in 1896, this event has been an opportunity to promote understanding and peace among nations in the spirit of friendly competition. However, in today’s digital world, more than gold medals are at stake when it comes to this year’s iconic sporting event. 

The Games have gradually become a target for cyber criminals, who see it as a way to cause major disruption on the world stage.

The Tokyo Games recorded 450 million cyber attacks. The Paris Games are expected to see 8 to 10 times as many attempts. Even before the Games began, Microsoft’s Threat Analysis Centre warned against ‘malign disinformation campaigns’ exploiting AI. Technological developments, interconnected networks and a complex geopolitical landscape all contribute to this increased vulnerability. It is therefore crucial for all stakeholders to remain vigilant and to see these events as a lever for collective awareness of cyber threats. 

Eyes Wide Open On Security

Measures have been put in place from the outset to guard against potential attacks. The ‘JOP Massifié’ exercise kit, provided by the French Cybersecurity Agency ANSSI, has been invaluable. Intrusion and network surveillance tests have also been carried out beforehand, as well as the application of new systems such as algorithmic video surveillance (VSA), which was tested at Taylor Swift's Paris concerts in the spring. 

With threats ranging from deepfakes, to ransomware and social engineering tactics, all of which can hack into systems and sensitive data, what appears to be a simple disruption can become a major security breach. Public infrastructure is a prime target, given the huge crowds of spectators at the Games.  The telecommunications sector, with the multitude of exchanges over the coming few weeks, is particularly at risk, as are hospitality and transport industries, with an increase in the number of visitors to sites. Online,  have already tried to lure consumers with fake tickets.    

Between tourists, athletes, sports federations, partner companies and public authorities, the playground for hackers is virtually unlimited. So, it's vital to keep a close eye on potential threats, given the chain reactions they can provoke.

What's at stake is not only national - and international - security, but also the economic losses that could result from a massive attack. Everyone can contribute to the success of the Olympic Games by adopting simple and effective measures. 

A Digital Race Against The Clock 

In today's environment, with the rapid development of new technologies, companies mustn’t be content with spot checks of identities to protect themselves against potential threats. They need to be on constant alert and equip themselves with the tools they need to ensure their security. This is crucial for every company involved in the Olympics’ ecosystem. In an Olympic-sized supply chain of permanent staff, contractors and volunteers, everyone has a role to play in analysing access levels in their system. 

The HR department is particularly on the front line because of the sensitive data it processes and the authorisation it grants for a wide range of personnel.

From permanent workers in the International Olympic Committee, to temporary workers and contractors such as event coordinators, security and hospitality staff, HR must work closely with IT to implement stringent identity security controls and grant access on a need-to-know basis only. This is crucial to prevent gaps from opening up and the wrong identities creeping into systems. 

It is also crucial to empower every member of the organisation, whatever their role, whether they are employees or external collaborators. Fluid communication between departments is essential, as is prevention and training for stakeholders. 

Simulations and resilience testing, such as those provided by the ECB to banks to assess their ability to recover from a cyber attack, are an effective way to monitor the threat landscape and ensure preparedness in the event of an attempted breach. With this in mind, European legislation, with NIS2 next October and DORA in January 2025, will establish a new framework and is helping to increase levels of preparedness across industries. This is particularly the case with identity security, given user access points are often a frequent entry point for attacks.
In a high-risk context such as the Olympic Games, it is essential to put in place basic principles such as zero trust, where no access is considered reliable by default. A holistic view of corporate access must be adopted to ensure proper authorisation and to minimise the risk of gaps in security posture. An identity security solution that can grow with the size of the business and adapt to day-to-day changes is also essential.

In short, cyber security during major events is a collective challenge requiring vigilance, preparation and cooperation at all levels.

A unified identity security strategy enabling visibility across the digital ecosystem and ongoing team training are all key to guaranteeing the security and smooth running of large-scale events. Every individual and every organisation must play their part in countering threats and ensuring their success.

Steve Bradford is Senior Vice President EMEA at SailPoint

Image: Ideogram

You Might Also Read:

AI At The Paris 2024 Olympics

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Russian Cyberwar Methods Are Evolving
Millions Of US Voters Exposed Online »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Titania

Titania

Titania provide network security and compliance software. Find your Network Security gaps before hackers do with our security & compliance tools.

Operational Center for Information Systems Security (COSSI)

Operational Center for Information Systems Security (COSSI)

COSSI is responsible for the detection and mitigation of cyber attacks directed at French Government information systems.

Conviso

Conviso

Conviso is a consulting company specialized in Application Security and Security Research.

InnoValor

InnoValor

InnoValor realises value from digital innovation for organisations and government. We provide advisory services and develop innovative software solutions, based on our background in research.

Trustelem

Trustelem

Trustelem offers European and global companies a ready-to-use access management service that respects the principles of sovereignty, territoriality and privacy.

ArmorText

ArmorText

ArmorText offers a seamless channel for communication and collaboration for organizations concerned with keeping communication data private and secure.

RFA

RFA

RFA is an institutional-quality IT, financial cloud and cyber-security services provider to the financial service and investment management sector.

BigPanda

BigPanda

BigPanda is the first provider of Autonomous Operations solutions that empower IT Operations at large, complex enterprises.

Tetra Tech

Tetra Tech

Tetra Tech is a cybersecurity leader with extensive experience in supporting enterprise-wide programs and systems across multiple business lines from industrial control systems to health IT.

Nisos

Nisos

Nisos provides unrivaled protection of your reputation and assets through the practice of Active Defense.

Framatome

Framatome

Framatome Cybersecurity portfolio is directly inspired by its unique experience in nuclear safety for critical information systems and electrical systems design.

Security Risk Management (SRM)

Security Risk Management (SRM)

SRM provide a comprehensive security risk management service encompassing people, processes, technology, governance, compliance and risk management.

PhishFirewall

PhishFirewall

PhishFirewall is an advanced AI-driven CyberSecurity Awareness Education, Threat Emulation, and Human Security Analytics Platform.

Fusion Cyber

Fusion Cyber

Fusion Cyber educates students in Zero Trust Risk Management, Defense, and Cyber Offense that lead to taking industry-accepted cybersecurity certifications.

Evo Security

Evo Security

Evo Security is an Identity and Access Management company focused exclusively on serving MSPs, MSSPs and their SMB and Mid-Market customers.

Mirazon

Mirazon

Mirazon was formed to provide networking infrastructure assistance to businesses large or small. We provide Managed IT Services, Cybersecurity, and IT Consulting.