The Paris Olympics: More Than Just Gold Medals Are At Stake

Uploaded on 2024-08-05 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

The Olympic Games generates a worldwide buzz that goes far beyond sporting excitement. Since the first Games in 1896, this event has been an opportunity to promote understanding and peace among nations in the spirit of friendly competition. However, in today’s digital world, more than gold medals are at stake when it comes to this year’s iconic sporting event. 

The Games have gradually become a target for cyber criminals, who see it as a way to cause major disruption on the world stage.

The Tokyo Games recorded 450 million cyber attacks. The Paris Games are expected to see 8 to 10 times as many attempts. Even before the Games began, Microsoft’s Threat Analysis Centre warned against ‘malign disinformation campaigns’ exploiting AI. Technological developments, interconnected networks and a complex geopolitical landscape all contribute to this increased vulnerability. It is therefore crucial for all stakeholders to remain vigilant and to see these events as a lever for collective awareness of cyber threats. 

Eyes Wide Open On Security

Measures have been put in place from the outset to guard against potential attacks. The ‘JOP Massifié’ exercise kit, provided by the French Cybersecurity Agency ANSSI, has been invaluable. Intrusion and network surveillance tests have also been carried out beforehand, as well as the application of new systems such as algorithmic video surveillance (VSA), which was tested at Taylor Swift's Paris concerts in the spring. 

With threats ranging from deepfakes, to ransomware and social engineering tactics, all of which can hack into systems and sensitive data, what appears to be a simple disruption can become a major security breach. Public infrastructure is a prime target, given the huge crowds of spectators at the Games.  The telecommunications sector, with the multitude of exchanges over the coming few weeks, is particularly at risk, as are hospitality and transport industries, with an increase in the number of visitors to sites. Online,  have already tried to lure consumers with fake tickets.    

Between tourists, athletes, sports federations, partner companies and public authorities, the playground for hackers is virtually unlimited. So, it's vital to keep a close eye on potential threats, given the chain reactions they can provoke.

What's at stake is not only national - and international - security, but also the economic losses that could result from a massive attack. Everyone can contribute to the success of the Olympic Games by adopting simple and effective measures. 

A Digital Race Against The Clock 

In today's environment, with the rapid development of new technologies, companies mustn’t be content with spot checks of identities to protect themselves against potential threats. They need to be on constant alert and equip themselves with the tools they need to ensure their security. This is crucial for every company involved in the Olympics’ ecosystem. In an Olympic-sized supply chain of permanent staff, contractors and volunteers, everyone has a role to play in analysing access levels in their system. 

The HR department is particularly on the front line because of the sensitive data it processes and the authorisation it grants for a wide range of personnel.

From permanent workers in the International Olympic Committee, to temporary workers and contractors such as event coordinators, security and hospitality staff, HR must work closely with IT to implement stringent identity security controls and grant access on a need-to-know basis only. This is crucial to prevent gaps from opening up and the wrong identities creeping into systems. 

It is also crucial to empower every member of the organisation, whatever their role, whether they are employees or external collaborators. Fluid communication between departments is essential, as is prevention and training for stakeholders. 

Simulations and resilience testing, such as those provided by the ECB to banks to assess their ability to recover from a cyber attack, are an effective way to monitor the threat landscape and ensure preparedness in the event of an attempted breach. With this in mind, European legislation, with NIS2 next October and DORA in January 2025, will establish a new framework and is helping to increase levels of preparedness across industries. This is particularly the case with identity security, given user access points are often a frequent entry point for attacks.
In a high-risk context such as the Olympic Games, it is essential to put in place basic principles such as zero trust, where no access is considered reliable by default. A holistic view of corporate access must be adopted to ensure proper authorisation and to minimise the risk of gaps in security posture. An identity security solution that can grow with the size of the business and adapt to day-to-day changes is also essential.

In short, cyber security during major events is a collective challenge requiring vigilance, preparation and cooperation at all levels.

A unified identity security strategy enabling visibility across the digital ecosystem and ongoing team training are all key to guaranteeing the security and smooth running of large-scale events. Every individual and every organisation must play their part in countering threats and ensuring their success.

Steve Bradford is Senior Vice President EMEA at SailPoint

Image: Ideogram

You Might Also Read:

AI At The Paris 2024 Olympics

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Russian Cyberwar Methods Are Evolving
Millions Of US Voters Exposed Online »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Cybersecurity Philippines CERT (CSP-CERT)

Cybersecurity Philippines CERT (CSP-CERT)

Cybersecurity Philippines CERT is the national Computer Emergency Response Team for the Philippines.

NRD Cyber Security

NRD Cyber Security

NRD Cyber Security create a secure digital environment for countries, governments, and organisations and implement cybersecurity resilience enhancement projects around the world.

Digital Guardian

Digital Guardian

Digital Guardian is a next generation data protection platform designed to stop data theft.

Resolver

Resolver

Resolver’s Integrated Risk Management platform helps plan and prepare your organization to limit the likeliness or impact of security risk and compliance events from occurring.

SecuGen

SecuGen

SecuGen is a leading provider of advanced, optical fingerprint recognition technology, products, tools and platforms for physical and information security.

CERT NZ

CERT NZ

CERT NZ supports businesses, organisations and individuals affected by cyber security incidents, and provide trusted and authoritative information and advice.

Zivaro

Zivaro

Zivaro provides transformational consulting and technology services to help clients attain real business value from their technology investments.

Dracoon

Dracoon

DRACOON is market leader in the German-speaking region for secure enterprise file sharing.

Zamna

Zamna

Zamna (formerly VChain Technology) is an award-winning software company building GDPR compliant identity platforms for the aviation industry.

MyDocSafe

MyDocSafe

MyDocSafe is an all-in-one document security and e-sign software.

OSIbeyond

OSIbeyond

OSIbeyond provides comprehensive Managed IT Services to organizations in the Washington D.C., MD, and VA area including IT Help Desk Support, Cloud Solutions, Cybersecurity, and Technology Strategy.

TrustGrid

TrustGrid

Trustgrid is a pioneer and leader in secure, cloud-native software-defined connectivity.

Input Output (IOHK)

Input Output (IOHK)

IOHK is one of the world's pre-eminent blockchain infrastructure research and engineering companies.

BlockSec

BlockSec

BlockSec is dedicated to building blockchain security infrastructure. The team is founded by top security researchers and experiencedexperts from both academia and industry.

Quantum Security Services

Quantum Security Services

Quantum Security Services is a specialist information security firm providing a range of risk, compliance and technical security services.

Frontier Technology Inc. (FTI)

Frontier Technology Inc. (FTI)

Frontier Technology Inc provides the technology and deep data expertise to drive the best defense and intelligence solutions.