Exclusive: Protecting Wimbledon 2021 from cybercriminals
James Thorpe
Share this content
With the return of major sports events this year and digital experiences becoming a key component for fan engagement around the world, IBM’s Martin Borrett discusses how they kept the personal data of thousands of tennis fans out of the hands of hackers and cybercriminals during this year’s Wimbledon tournament.
After little to no sport or major events in 2020, including the first-ever delayed Olympics and a cancelled Wimbledon, it was unsurprising that many around the world were looking forward to the return of these events in 2021.
However, whereas the vast majority of people saw the return of major sports as a positive sign that the world is slowly recovering from the pandemic and that friends, families and communities could safely interact again; there will always be a small minority that looks to cause disruption and damage.
Events like the Euros, Olympics and Wimbledon – all of which have graced our screens so far this summer – are often among the first and very natural test-beds for new technologies and innovations. For example, this year, the Tokyo Olympic Village introduced autonomous electric vehicles and robotic basketball players. At Wimbledon, IBM, in partnership with the All England Lawn Tennis Club (AELTC), introduced several new ground-breaking AI systems using IBM Watson to enhance the fan experience.
The deployment of innovative technologies at high-profile events is growing but so too is the risk from cyber attackers. Risk and reward have to be balanced against one another to ensure that continued innovation does not come at the expense of security. Whilst we introduced three new tools at Wimbledon for fans around the world to enjoy, ranging from IBM Power Rankings, pre-match insights fact sheets and personalised highlights reels, we also deployed cognitive security technology to protect the British tennis tournament from cyber threats.
IBM Cloud powered all of our tools and it proved more than up to the task. The pandemic has proven that digital experiences should be a core offering for any event but especially those on a global scale that take place over several days or weeks. Inevitably, with these sorts of events, there will be spikes in digital traffic so any deployed technology must be scalable, like IBM Cloud. At Wimbledon, the infrastructure easily scaled and never compromised on performance and the integrated security capabilities scaled too, blocking millions of threats throughout the tournament.
The human touch
Having the appropriate, scalable and intuitive technology in place does not mean it is a hands-off operation for people. Like any good security apparatus, it is important to have a multi-layered approach to protect every part of the infrastructure. Experienced and expert teams are just as integral as the technology. At Wimbledon, IBM Security Analysts constantly monitored the infrastructure, using the world-class IBM QRadar Security Information and Event Management (SIEM), to identify potential attacks and rank the incidents by the level of urgency.
Ranking and understanding any threat is the first step in devising a solution to addressing it. Traditionally, an initial investigation involves analysts manually searching multiple information sources and can take around an hour to complete. When dealing with a cyber-attack during a high profile, fast-paced, time-critical event, an hour is a lifetime.
This is where augmented intelligence comes into play as it enables rapid threat investigation. IBM QRadar Advisor with Watson technology enriches data provided by the SIEM solution, offering a recommended set of actions based on its analysis of a given threat. When deployed at Wimbledon it enabled the IBM security team to react to incidents 60 times quicker.
For several years, analyst teams have benefited from using IBM QRadar Advisor with Watson to reduce the time taken to investigate incidents to just a few minutes. Watson ingests, analyses and understands millions of individual pieces of information relating to attacks, threats, exploits, vulnerabilities, threat actors and malware and augments analysts’ knowledge with extensive information that would otherwise be out of reach to them. The benefits of IBM QRadar Advisor with Watson are not just limited to being capable of responding to threats faster but the provided augmented intelligence also gives analysts better insight and more accurate intelligence to help shape the best possible response.
Regardless of the day or time – 5pm on a Friday or 10am on a Monday – IBM QRadar Advisor with Watson augments human intelligence so that the analysts are driving consistent and thorough investigations every time.
Changing the game
When cognitive security technologies are implemented, they become an invaluable addition to any analyst team by reducing Mean Time to Detect (MTTD) and Mean Time to Resolve (MTTR) with a faster and more decisive escalation process. The technologies help determine the root cause, analyse and provide analysts with confidence on their next steps by mapping the attack to the MITRE ATT&CK model.
Empowering analysts to identify and address real threats hidden during any major event is game-changing. When deployed at Wimbledon, the IBM team analysed five times as many security threats throughout the two-week tournament.
As we continue to enjoy a summer of sport and event organisers examine avenues to increase their offered digital experiences for this year and beyond, it is important to remember that innovation and security come hand-in-hand. The security of fans and their data should never be an acceptable risk for any event and when intuitive technology and experienced security teams are deployed in unison, they are a formidable barrier to any threat.
For the likes of Wimbledon, whilst fans were enjoying the action on the courts, no matter where in the world they were, they were continuously protected by the unseen security team and technology which was ready to protect, detect and respond to whatever shots were played by their cyber opponents – game, set and match IBM.
By Martin Borrett, CTO of IBM Security EMEA and IBM Distinguished Engineer.