Full Report
The Olympics are a global spectacle, uniting nations through the thrill of competition and the celebration of human achievement. During this year’s Winter Olympic and Paralympic Games we watched Alysa Liu reclaim figure skating, a sport she once left behind, landing in first place. The US women’s and men’s ice hockey teams took gold, ending a 46-year Olympic drought…
Analysis Summary
# Best Practices: High-Profile Event & Critical Infrastructure Cybersecurity
## Overview
These practices address the unique challenges of securing large-scale, global events (like the Olympic Games) and critical infrastructure. They focus on protecting massive, temporary IT ecosystems involving thousands of endpoints, preventing service disruptions during peak visibility windows, and ensuring the physical safety of participants through cyber-physical security.
## Key Recommendations
### Immediate Actions
1. **Endpoint Inventory:** Audit and secure all workstations and mobile devices (e.g., the 10,000+ workstations mentioned in the Paris model) connected to the event network.
2. **Asset Mapping:** Identify "Ground Zero" systems (those on which high-visibility moments such as opening ceremonies or live broadcasts depend) and apply enhanced monitoring to them.
3. **Threat Intelligence Sharing:** Establish real-time communication channels with industry-specific ISACs (Information Sharing and Analysis Centers) to monitor active threat actors.
### Short-term Improvements (1-3 months)
1. **Network Segmentation:** Isolate critical event infrastructure (scoring systems, broadcasting) from public-facing Wi-Fi and spectator networks.
2. **Incident Response Rehearsals:** Conduct "battle-ready" simulations (Tabletop Exercises) specifically targeting disruption scenarios for high-profile milestones.
3. **Supply Chain Audit:** Review the security controls of vendors and partners, because organized crime groups routinely go after the weakest link among an organization's business relationships.
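Segmentation is only as good as its enforcement, so a practical follow-up to the network segmentation item above is to verify it from flow records rather than from the design diagram. The script below is an added example, not part of the original report or of any Olympic organizing body's tooling: it assumes a simple zone model (spectator Wi-Fi, public web, scoring, broadcast) with constructed address ranges, a deny-by-default allow-list of which zones may reach the critical zones, and a constructed `src=... dst=... dport=... action=...` flow-log format. Allowed flows that cross the boundary are reported as violations; denied attempts are reported separately as evidence that the control held.

```python
"""Verify event-network segmentation from flow logs.

Added example (not from the original report). The zone layout, the
allow-list and the log format are all constructed for illustration.
"""
import ipaddress
from dataclasses import dataclass

# Hypothetical zone layout for an event network (constructed ranges).
ZONES = {
    "spectator_wifi": ipaddress.ip_network("10.50.0.0/16"),
    "public_web": ipaddress.ip_network("10.60.0.0/24"),
    "scoring": ipaddress.ip_network("10.10.0.0/24"),
    "broadcast": ipaddress.ip_network("10.20.0.0/24"),
}

# Critical zones and the only zones allowed to send traffic into them.
# Any zone not listed here is treated as non-critical; any source zone not
# listed for a critical zone is denied by default (allow-list posture).
ALLOWED_SOURCES = {
    "scoring": {"scoring", "broadcast"},   # broadcast pulls live results
    "broadcast": {"broadcast"},
}


@dataclass(frozen=True)
class Flow:
    src: ipaddress.IPv4Address
    dst: ipaddress.IPv4Address
    dport: int
    action: str  # "ALLOW" or "DENY" as logged by the enforcement point


def zone_of(addr):
    """Map an address to its zone name, or 'unknown' if it is in no zone."""
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "unknown"


def parse_flow(line):
    """Parse one 'src=... dst=... dport=... action=...' record (constructed format)."""
    fields = dict(tok.split("=", 1) for tok in line.split())
    return Flow(
        ipaddress.ip_address(fields["src"]),
        ipaddress.ip_address(fields["dst"]),
        int(fields["dport"]),
        fields["action"].upper(),
    )


def segmentation_violations(lines):
    """Return (violations, blocked_attempts).

    A violation is a flow the enforcement point ALLOWed into a critical zone
    from a zone that is not on that zone's allow-list. A DENY for the same
    kind of flow means segmentation worked, but the attempt is still worth
    a look, so it is returned separately.
    """
    violations, blocked = [], []
    for line in lines:
        if not line.strip() or line.startswith("#"):
            continue  # skip blanks and comments
        flow = parse_flow(line)
        dst_zone = zone_of(flow.dst)
        if dst_zone not in ALLOWED_SOURCES:
            continue  # destination is not a critical zone
        if zone_of(flow.src) in ALLOWED_SOURCES[dst_zone]:
            continue  # permitted by the zone policy
        (violations if flow.action == "ALLOW" else blocked).append(flow)
    return violations, blocked


# Constructed sample flow records for a stand-alone run.
SAMPLE_LOG = """
# constructed sample flow records
src=10.50.3.7 dst=10.60.0.5 dport=443 action=ALLOW
src=10.20.0.9 dst=10.10.0.4 dport=8443 action=ALLOW
src=10.50.8.21 dst=10.10.0.4 dport=22 action=DENY
src=10.50.8.21 dst=10.20.0.12 dport=3389 action=ALLOW
src=10.10.0.4 dst=10.10.0.7 dport=5432 action=ALLOW
""".strip().splitlines()

if __name__ == "__main__":
    bad, blocked = segmentation_violations(SAMPLE_LOG)
    for f in bad:
        print(f"VIOLATION: {zone_of(f.src)} {f.src} -> {zone_of(f.dst)} {f.dst}:{f.dport} was allowed")
    for f in blocked:
        print(f"blocked attempt: {zone_of(f.src)} {f.src} -> {zone_of(f.dst)} {f.dst}:{f.dport}")
```

Run against the constructed sample, the script flags the spectator-to-broadcast flow on port 3389 as a violation (the control let it through) and lists the spectator-to-scoring attempt on port 22 as a blocked attempt; spectator traffic to the public web tier and intra-zone traffic are ignored because they never cross into a critical zone. Feeding it real exported flow records is a cheap daily check that the segmentation designed for the event is still the segmentation that is enforced.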
### Long-term Strategy (3+ months)
1. **Cyber-Physical Integration:** Align cybersecurity operations with physical security teams to protect spectator safety and critical utility infrastructure (water, power).
2. **Global Partnership Frameworks:** Formalize cooperation between international allies (e.g., NATO and Indo-Pacific partners) to share intelligence on transnational state-sponsored threats.
3. **Legacy Knowledge Transfer:** Document "Lessons Learned" from previous cycles (e.g., Paris 2024 to Milan Cortina 2026) to ensure continuity in defense posture.
## Implementation Guidance
### For Small Organizations (e.g., Rural Utilities)
- Use available federal or local funding (e.g., the FLOWS Act) to upgrade aging infrastructure.
- Focus on basic cyber hygiene to prevent being used as a pivot point for larger attacks.
### For Medium Organizations (e.g., Regional Vendors)
- Implement rigorous access controls for all remote employees and contractors.
- Participate in sector-specific ISACs (Food and Ag, Financial, etc.) to stay ahead of organized crime trends.
### For Large Enterprises (e.g., Olympic Committees/Global Sponsors)
- Deploy a full-scale Security Operations Center (SOC) dedicated to the duration of the high-profile event.
- Implement specialized protection against state-sponsored actors and sophisticated financial fraud groups.
## Configuration Examples
- **Zero Trust Architecture:** Implement "Never Trust, Always Verify" for all 10,000+ workstations, regardless of whether they are on the internal event network.
- **DDoS Mitigation:** Configure high-capacity cloud-based scrubbing services for all public-facing event websites to ensure availability during peak "Ground Zero" windows.
## Compliance Alignment
- **NIST Cybersecurity Framework (CSF):** For identifying and protecting critical assets.
- **ISO/IEC 27001:** For establishing a systematic Information Security Management System (ISMS).
- **CIS Controls:** For prioritizing technical security actions based on immediate threat data.
## Common Pitfalls to Avoid
- **Underestimating "Soft" Targets:** Focusing only on the main event while leaving secondary systems (like rural water or food supply chains) vulnerable.
- **Siloed Operations:** Failing to coordinate between IT security and physical security teams during crises.
- **Ignoring the Business Model:** Treating cybercrime as a technical bug rather than a sophisticated, organized business model that requires financial-level disruption.
## Resources
- **NIST Infrastructure Protection:** https://www.nist.gov/cyberframework
- **INTERPOL Financial Fraud Reports:** https://www.interpol.int/en/Who-we-are/Member-countries
- **ISAC Community (Information Sharing):** https://www.nationalisacs.org/