Security Beyond the Field

Security Beyond the Field

How venues can defend themselves from cybercrime during events

As you walk into a venue to cheer on your favorite team, or see a favorite singer or show, it’s likely that one of the last things on your mind is the potential for a cyber attack. At any stadium or venue, fans can often see the presence of security cameras or police officers on the lookout for suspicious behavior, but what’s going on behind the scenes to protect a venue’s IT infrastructure?

We know cyber attacks are penetrating every industry—from finance and banking to travel and hospitality. And, as businesses increasingly interact with their customers through technology, the amount of data generated via online transactions, social profiles, etc., will continue to grow, providing hackers more opportunity to get ahold of valuable data and create massive disruption.

The threat of cyber attacks has long been on the minds of government organizations and businesses, but large-scale events and venues need to be wary of the threats that can infiltrate every layer of technology during a live sporting event, concert or conference. The technology that is required to keep 100,000 fans streaming videos or sharing the live action is becoming more connected, making these spaces even more vulnerable and valuable to attackers. Beyond the risk of digital disruption are all the ways that a cyber attacker can threaten the public safety of the event. The Jumbotron or the sound system are both critical systems and they could be used to cause panic in a crowd.

The Changing Landscape of Cyberattacks

At this point, it feels like a new data breach makes headlines on a weekly basis. In 2018 alone, a number of well-known companies publicly disclosed data breaches. Marriott, for instance, reported 8.6 million payment cards were involved in a breach to its reservation database. British Airways announced more than 380,000 card payments on its website had been comprised, and social media giant Facebook announced the data of over 50 million users was compromised in an attack that affected user accounts.

No company today is completely safe from potential attacks—the threat landscape has been evolving to become more aggressive and intelligent, meaning businesses must have the right technology and people in place to protect themselves against potential threats. Adding
to the complex nature of today’s threat landscape, businesses are
also evolving to focus on more digital services and offerings, meaning
there’s ample opportunity for hackers to infiltrate a company’s IT infrastructure and get ahold of critical business and user information.

As we continue to see large consumer-facing brands in the headlines,
how can venues avoid becoming the next major target for cybercriminals?

Venues—The Next Big Cyber Target?

Large venues, conference centers and arenas offer ample opportunity
for hackers to get ahold of data. The Mercedes-Benz Stadium, the
host of the 2018 Super Bowl, can accommodate up to 71,000 fans.
The Indianapolis Motor Speedway, the largest sports venue in the
United States, can accommodate up to 257,000 people. With capacities
this large, venues automatically provide plenty of opportunities
for hackers to take advantage of the data fans bring into stadiums
and the technology that keeps an event running smoothly.
Going beyond the digital devices fans bring to an event, venues
have a vast environment of IT networking equipment behind the
scenes that is vulnerable to an attack. Venues have infrastructure in
place to ensure smooth and safe operations.

For instance, industrial control systems, streaming technologies
and communications mechanisms for public safety and crowd control
are just a few examples of the types of capabilities that require complex
IT infrastructure, and these systems are all managed by teams of
IT personnel who often go unnoticed by fans during events. On top
of ensuring live events run smoothly for fans, both inside and outside
of a venue, IT teams must ensure their infrastructure is working efficiently
and effectively to reduce the risks to public safety.

This is a big task for IT teams that are often limited in size and
resources, meaning it’s critical that they have the right cyber infrastructure
and resources in place to ensure smooth and safe operations
for guests. In January, the 2019 College Football Playoff National
Championship saw more than 240,000 events generated in the twoday
period surrounding the game. This is a huge volume of events
to manage, and to put it into perspective, it would likely take 125
trained analysts to investigate this number of events within this timeframe—
yet most venues don’t have the luxury of having teams of this
size. To overcome this challenge, it’s important for venues to consider
augmenting human capability with the right tools to meet today’s
cyber infrastructure needs.

As cyberattacks continue to become more prevalent, impactful
and damaging, venues—like other businesses—cannot afford to
stand on the sidelines of cyber modernization, they must take steps
now to prevent potential threats from making an impact in the future.

The following are three considerations for prepping a venue for
the future of cybercrime.

Combine the Best of Human
Judgement with the Scale
and Flexibility of Technology

More likely than not, the threat landscape will continue to grow in
complexity and expand its impact, yet venues, like other organizations,
struggle to find the talent needed to thwart threats. In fact,
according to (ISC)2, organizations globally are facing a shortage of
almost 3 million cybersecurity professionals.

As IT teams continue to be stretched for resources and talent, venues
must look to combine the abilities of human insight and decisionmaking
with the depth of analysis that technology provides. IT teams
today don’t have the luxury of excess time to hire, train and retain the
analysts they need, plus the old ways of building SOCs are outdated,
expensive and time-consuming.

Teams today need modern systems that can handle the large
amount of data sources and help to automate the decision-making
process to free up analyst time and help security teams operate at a
more effective level. This means investing in tools that go beyond providing
alerts to providing the context needed to help analysts spend
time on the situations that truly matter. For example, platforms that
use mathematical models, like a Bayesian inference, an approach that
focuses on making decisions under uncertainty, can better inform decision-
making and prevent mistakes. This approach embeds expertise
and provides analysts with a deeper, more accurate understanding of
the relationships between the variables to better diagnose threats and
better position themselves within their organization.

Understand the Environment and
Focus on the Data that Matters

With the right combination of people and technology in place, security
teams are positioned to be more efficient and accurate, but they
must first determine what’s most important to the organization. As
the amount of security sensors and data types continues to expand,
security teams can easily get overwhelmed by the data that needs to
be monitored and analyzed.

As a first step, teams must first identify and prioritize the venue’s
critical data sources to determine what’s most important and impactful
for ensuring security events are mitigated before the cause damage.
For example, endpoint protection, network intrusion detection
and web proxy/filtering are three critical data sources to consider for
frontline monitoring.

It is also important to go beyond the data and understand the
environment that needs monitoring. Critical and high-value assets,
such as IT infrastructure, communications systems and public safety
systems, should be prioritized and analyzed in context to ensure security
teams can make accurate escalation decisions if and when an
event occurs.

Critical and high-value accounts, such as IT administration account,
executives and other high-level privileges, as well as external
intelligence like geo-location data, should also be taken into consideration
when analyzing a venue’s security environment.
Once the data that matters most is identified, teams can more accurately
establish network security procedures, and begin to develop
an incident response plan that is designed to best secure a venue and
its visitors.

Boost Collaboration Between
All Security Stakeholders

Technology integrations can only be successful when venues ensure
they are bolstering collaboration between all stakeholders, including
IT and security teams, operations and law enforcement officials. Like
other large businesses, the scale of operations at venues can be complex
and fast moving, meaning teams must be tightly organized and
able to react to quickly changing environments on short notice.

With the right technology on standby to gather, analyze and alert
analysts, venues must involve all security stakeholders early on to ensure
alerts can be acted on when necessary, especially when public
safety is at stake. Security Analysts must work quickly and be in sync
with security and law enforcement teams to prevent potential harm
to venue guests.

It is only a matter of time before a major cyberattack affects a
large event somewhere in the United States, so venues must be prepared
to act quickly and effectively before large-scale disruption,
revenue loss or harm occurs. Only when the best
capabilities of both human team members and
technology are combined, will venues be better
able to respond to threats and prevent them from
making an impact in the first place.

This article originally appeared in the May/June 2019 issue of Security Today.


  • 12 Commercial Crime Sites to Do Your Research

    12 Commercial Crime Sites to Do Your Research

    Understanding crime statistics in your industry and area is crucial for making important decisions about your security budget. With so much information out there, how can you know which statistics to trust? Read Now

  • Boosting Safety and Efficiency

    Boosting Safety and Efficiency

    In alignment with the state of Mississippi’s mission of “Empowering Mississippi citizens to stay connected and engaged with their government,” Salient's CompleteView VMS is being installed throughout more than 150 state boards, commissions and agencies in order to ensure safety for thousands of constituents who access state services daily. Read Now

  • Live From GSX: Post-Show Review

    Live From GSX: Post-Show Review

    This year’s Live From GSX program was a rousing success! Again, we’d like to thank our partners, and IPVideo, for working with us and letting us broadcast their solutions to the industry. You can follow our Live From GSX 2023 page to keep up with post-show developments and announcements. And if you’re interested in working with us in 2024, please don’t hesitate to ask about our Live From programs for ISC West in March or next year’s GSX. Read Now

    • Industry Events
    • GSX
  • People Say the Funniest Things

    People Say the Funniest Things

    By all accounts, GSX version 2023 was completely successful. Apparently, there were plenty of mix-ups with the airlines and getting aircraft from the East Coast into Big D. I am all ears when I am in a gathering of people. You never know when a nugget of information might flip out. Read Now

    • Industry Events
    • GSX

Featured Cybersecurity


New Products

  • XS4 Original+

    XS4 Original+

    The SALTO XS4 Original+ design is based on the same proven housing and mechanical mechanisms of the XS4 Original. The XS4 Original+, however, is embedded with SALTO’s BLUEnet real-time functionality and SVN-Flex capability that enables SALTO stand-alone smart XS4 Original+ locks to update user credentials directly at the door. Compatible with the array of SALTO platform solutions including SALTO Space data-on-card, SALTO KS Keys as a Service cloud-based access solution, and SALTO’s JustIn Mobile technology for digital keys. The XS4 Original+ also includes RFID Mifare DESFire, Bluetooth LE and NFC technology functionality. 3

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area. 3