Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

4/23/2020
02:00 PM
Shane Buckley
Shane Buckley
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

Resiliency: The Trait National Sporting Leagues Share with Security & IT Teams

During unprecedented times such as these, both businesses and professional sports are forced to go back to basics.

The implications of COVID-19 go well beyond the issue of securing the now-majority of remote workers across the world. At the beginning of the month, 75% of Americans were under strict stay-at-home orders, requiring an urgent shift from the workplace to home. In some cases, this took place overnight. At the same time, McKinsey & Company estimates that up to 54 million net jobs are vulnerable to reductions in hours or pay, temporary furloughs, or permanent layoffs, reinforcing the inability to go back to work anytime soon.

With this sobering reality comes an urgent shift in business and security strategy for all industries, and the realization that we need to be able to do more with less. Less budget, fewer resources, and less in-person interaction and collaboration.

No industry is immune to this need to move virtual ways of working, from people in healthcare to entertainment and education. This brings me to the latest announcement in the ever-surprising reality of virtual events: The much-anticipated NFL draft is going virtual for the first time this evening.

In both the worlds of business and professional sports, resiliency is the key to adapting to challenging and trying times. We need to be able to adjust, adapt, stay secure, and get the most out of the situation with the tools ーor playersー at hand. The need for resiliency is one thing we can all agree on as we search for a path to normalcy.

Get Ready for the Unexpected — Virtually
IT and security professionals, along with the rest of us, have suddenly been thrust into a virtual economy where the demands on digital infrastructure ー and securing that infrastructure ー have changed instantly. Before the pandemic, we would have never imagined a time where teachers finished the spring semester via Zoom, Major League Baseball's spring training was cut short, opening day delayed, and stock market projections would be worse than that of the 2008 financial crisis.

In light of this new world we are living in, the NFL season is facing its first virtual move amid the pandemic in order to keep fans engaged, allow dreams to come true for college stars who have dedicated their lives to the sport, and hopefully provide sports fans around the country with a light at the end of the tunnel for the fall kickoff.

Nearly every person will watch the virtual draft remotely tonight because the league's commissioner, Roger Goodell, is broadcasting it from his home basement. With this virtual move comes its own set of security risks and demands on IT infrastructure, as threat actors look to take advantage of online activity. The thought of an opposing team having access to sensitive information, such as a team's playbook or draft strategy, could be the end to the team's season before it even starts.

We're All Transforming, Overnight
While some may think the virtual draft will negatively affect scouts and teams, others disagree. If the NFL wants to have a season and fans that will tune into it, it has to create the excitement early with something as monumental as the draft. The same can be said for security leaders during this time who had to adjust quickly, get their teams on board, and instill trust with their customer base. Of course, it's expected that there will be some levels of discomfort among these rapid changes, but adapting and remaining resilient is key.

Security should always be at the forefront of business strategy and planning, but especially now amid the remote workforce and subsequent growing attack surface that requires a secure and borderless network. It's important that IT and security teams can protect the remote workforce from opportunistic hackers looking to take advantage of virtual events like Draft Day or other online activities. It's critical for networks to be secure, maintain their performance, and keep up the good user experience amid these changes. These requirements are part of maintaining business continuity, which is incredibly important during this time.

Together, Let's Learn and Adapt to this New World
During unprecedented times such as these, businesses and professional sports alike are forced to go back to basics. We don't have the benefit of in-person interaction, advice, and consultation like we once did. Security teams are forced to do more with less — from a resource, team, and budget perspective — as are NFL coaches during a virtual draft.

The solution lies in having the right kind of data to help you understand performance — again, a parallel between network performance and the draft. Coaches will have to lean on previously stored data and statistics rather than speaking directly to a scout, player, or analyst in the moment. Some say it's like the draft is going back in time to that of the 1970s, but I like to think we're adapting and learning new ways of working and living.

Security and infosec pros tasked with complex infrastructure development, implementation, maintenance, and security need a clear view into what's happening within the network, and they need it quickly. While our current situation will be fluid for some time, what is here to stay is the need for performance and security in a rapidly shifting network and the optimization of costs with an uncertain budget. Being resilient during these times is key, and we'll need to remember how we got through these times, even as we get back to "normal." Personally, I'm looking forward to tuning into the NFL season this fall, and continuing to cheer on my team, even if it's from home.

Related Content:

A listing of free products and services compiled for Dark Reading by Omdia analysts to help meet the challenges of COVID-19. 

Shane Buckley is President and Chief Operating Officer of Gigamon with responsibility for expanding the company's business and markets worldwide. He brings more than 20 years of executive management experience to the team and joins Gigamon from Xirrus where he was CEO prior ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3493
PUBLISHED: 2021-04-17
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivile...
CVE-2021-3492
PUBLISHED: 2021-04-17
Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service (ker...
CVE-2020-2509
PUBLISHED: 2021-04-17
A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 Build 20210202 and later Q...
CVE-2020-36195
PUBLISHED: 2021-04-17
An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. If exploited, the vulnerability allows remote attackers to obtain application information. QNAP has already fixed this vulnerability in the following versions of Multimedia C...
CVE-2021-29445
PUBLISHED: 2021-04-16
jose-node-esm-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDe...