Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

4/23/2020
02:00 PM
Shane Buckley
Shane Buckley
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

Resiliency: The Trait National Sporting Leagues Share with Security & IT Teams

During unprecedented times such as these, both businesses and professional sports are forced to go back to basics.

The implications of COVID-19 go well beyond the issue of securing the now-majority of remote workers across the world. At the beginning of the month, 75% of Americans were under strict stay-at-home orders, requiring an urgent shift from the workplace to home. In some cases, this took place overnight. At the same time, McKinsey & Company estimates that up to 54 million net jobs are vulnerable to reductions in hours or pay, temporary furloughs, or permanent layoffs, reinforcing the inability to go back to work anytime soon.

With this sobering reality comes an urgent shift in business and security strategy for all industries, and the realization that we need to be able to do more with less. Less budget, fewer resources, and less in-person interaction and collaboration.

No industry is immune to this need to move virtual ways of working, from people in healthcare to entertainment and education. This brings me to the latest announcement in the ever-surprising reality of virtual events: The much-anticipated NFL draft is going virtual for the first time this evening.

In both the worlds of business and professional sports, resiliency is the key to adapting to challenging and trying times. We need to be able to adjust, adapt, stay secure, and get the most out of the situation with the tools ーor playersー at hand. The need for resiliency is one thing we can all agree on as we search for a path to normalcy.

Get Ready for the Unexpected — Virtually
IT and security professionals, along with the rest of us, have suddenly been thrust into a virtual economy where the demands on digital infrastructure ー and securing that infrastructure ー have changed instantly. Before the pandemic, we would have never imagined a time where teachers finished the spring semester via Zoom, Major League Baseball's spring training was cut short, opening day delayed, and stock market projections would be worse than that of the 2008 financial crisis.

In light of this new world we are living in, the NFL season is facing its first virtual move amid the pandemic in order to keep fans engaged, allow dreams to come true for college stars who have dedicated their lives to the sport, and hopefully provide sports fans around the country with a light at the end of the tunnel for the fall kickoff.

Nearly every person will watch the virtual draft remotely tonight because the league's commissioner, Roger Goodell, is broadcasting it from his home basement. With this virtual move comes its own set of security risks and demands on IT infrastructure, as threat actors look to take advantage of online activity. The thought of an opposing team having access to sensitive information, such as a team's playbook or draft strategy, could be the end to the team's season before it even starts.

We're All Transforming, Overnight
While some may think the virtual draft will negatively affect scouts and teams, others disagree. If the NFL wants to have a season and fans that will tune into it, it has to create the excitement early with something as monumental as the draft. The same can be said for security leaders during this time who had to adjust quickly, get their teams on board, and instill trust with their customer base. Of course, it's expected that there will be some levels of discomfort among these rapid changes, but adapting and remaining resilient is key.

Security should always be at the forefront of business strategy and planning, but especially now amid the remote workforce and subsequent growing attack surface that requires a secure and borderless network. It's important that IT and security teams can protect the remote workforce from opportunistic hackers looking to take advantage of virtual events like Draft Day or other online activities. It's critical for networks to be secure, maintain their performance, and keep up the good user experience amid these changes. These requirements are part of maintaining business continuity, which is incredibly important during this time.

Together, Let's Learn and Adapt to this New World
During unprecedented times such as these, businesses and professional sports alike are forced to go back to basics. We don't have the benefit of in-person interaction, advice, and consultation like we once did. Security teams are forced to do more with less — from a resource, team, and budget perspective — as are NFL coaches during a virtual draft.

The solution lies in having the right kind of data to help you understand performance — again, a parallel between network performance and the draft. Coaches will have to lean on previously stored data and statistics rather than speaking directly to a scout, player, or analyst in the moment. Some say it's like the draft is going back in time to that of the 1970s, but I like to think we're adapting and learning new ways of working and living.

Security and infosec pros tasked with complex infrastructure development, implementation, maintenance, and security need a clear view into what's happening within the network, and they need it quickly. While our current situation will be fluid for some time, what is here to stay is the need for performance and security in a rapidly shifting network and the optimization of costs with an uncertain budget. Being resilient during these times is key, and we'll need to remember how we got through these times, even as we get back to "normal." Personally, I'm looking forward to tuning into the NFL season this fall, and continuing to cheer on my team, even if it's from home.

Related Content:

A listing of free products and services compiled for Dark Reading by Omdia analysts to help meet the challenges of COVID-19. 

Shane Buckley is President and Chief Operating Officer of Gigamon with responsibility for expanding the company's business and markets worldwide. He brings more than 20 years of executive management experience to the team and joins Gigamon from Xirrus where he was CEO prior ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/1/2020
9 Tips to Prepare for the Future of Cloud & Network Security
Kelly Sheridan, Staff Editor, Dark Reading,  9/28/2020
Attacker Dwell Time: Ransomware's Most Important Metric
Ricardo Villadiego, Founder and CEO of Lumu,  9/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19393
PUBLISHED: 2020-10-01
The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.00_2 to V3.15.70_4 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content (such as JavaScript or other client-side scripts) as the c...
CVE-2020-16844
PUBLISHED: 2020-10-01
In Istio 1.5.0 though 1.5.8 and Istio 1.6.0 through 1.6.7, when users specify an AuthorizationPolicy resource with DENY actions using wildcard suffixes (e.g. *-some-suffix) for source principals or namespace fields, callers will never be denied access, bypassing the intended policy.
CVE-2020-24620
PUBLISHED: 2020-10-01
Unisys Stealth(core) before 4.0.132 stores Passwords in a Recoverable Format.
CVE-2020-25017
PUBLISHED: 2020-10-01
Envoy through 1.15.0 only considers the first value when multiple header values are present for some HTTP headers. Envoy’s setCopy() header map API does not replace all existing occurences of a non-inline header.
CVE-2020-25018
PUBLISHED: 2020-10-01
Envoy master between 2d69e30 and 3b5acb2 may fail to parse request URL that requires host canonicalization.