Case Studies Major Sports Organization Protects Critical Infrastructure With Deception Technology

Edit This Case Study Record

	Major Sports Organization Protects Critical Infrastructure With Deception Technology

Major Sports Organization Protects Critical Infrastructure With Deception Technology

Technology Category	Cybersecurity & Privacy - Intrusion Detection Cybersecurity & Privacy - Network Security
Applicable Industries	Security & Public Safety Telecommunications
Applicable Functions	Business Operation Facility Management
Use Cases	Intrusion Detection Systems Remote Asset Management
Services	Cybersecurity Services System Integration
Challenge	The organization was mainly concerned about security threats to their SCADA network. In particular, the infosec team was most concerned about an attack that could work to shut down and lock their ICS systems – putting people in danger and potentially causing serious bodily harm. They did not have the resources (headcount, budget, infrastructure) to deploy and maintain a wide array of prevention tools to protect their network from outside threats. Additionally, ICS devices are not always easily patched or enabled to run antivirus solutions. They needed to know exactly where the weaknesses in their network were so that they could focus their resources on fixing the specific areas that needed attention. Furthermore, the infosec team knew that there were multiple misconfigurations in their network, but had little idea as to where those misconfigurations were or what needed to be done to fix them. Read More
About Customer	A major league sports organization faced significant cybersecurity challenges, particularly concerning their ICS-SCADA network. This organization hosts large sporting events that are televised live, making network security paramount to ensure uninterrupted operations and the safety of attendees. The infosec team was under-resourced, lacking the headcount, budget, and infrastructure to deploy and maintain a wide array of prevention tools. They needed a solution that provided visibility into their network, identified misconfigurations, and offered actionable alerts without generating a large volume of false positives. The organization was particularly concerned about potential attacks that could shut down and lock their ICS systems, posing serious risks to both operations and human safety. Read More
Solution	The team set up the Attivo ThreatDefend™ Deception Platform within their network to gain unique visibility into their environment. Once deployed, the Attivo solution alerted the team to several misconfigurations in the network that represented significant weaknesses. The infosec team discovered a lot of activity on their network that they had not previously been aware of. Initially concerned about false positives, further investigation revealed that the alerts were real, substantiated, and actionable in a way that their other devices could not achieve. The ThreatDefend BOTsink engagement server also raised alerts on activities that had completely bypassed their prevention devices. This allowed the team to detect early inside-the-network threats and respond more efficiently. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Intrusion Detection

Cybersecurity & Privacy - Network Security

Applicable Industries

Security & Public Safety

Telecommunications

Applicable Functions

Business Operation

Facility Management

Use Cases

Intrusion Detection Systems

Remote Asset Management

Services

Cybersecurity Services

System Integration

Challenge

The organization was mainly concerned about security threats to their SCADA network. In particular, the infosec team was most concerned about an attack that could work to shut down and lock their ICS systems – putting people in danger and potentially causing serious bodily harm. They did not have the resources (headcount, budget, infrastructure) to deploy and maintain a wide array of prevention tools to protect their network from outside threats. Additionally, ICS devices are not always easily patched or enabled to run antivirus solutions. They needed to know exactly where the weaknesses in their network were so that they could focus their resources on fixing the specific areas that needed attention. Furthermore, the infosec team knew that there were multiple misconfigurations in their network, but had little idea as to where those misconfigurations were or what needed to be done to fix them.

About Customer

A major league sports organization faced significant cybersecurity challenges, particularly concerning their ICS-SCADA network. This organization hosts large sporting events that are televised live, making network security paramount to ensure uninterrupted operations and the safety of attendees. The infosec team was under-resourced, lacking the headcount, budget, and infrastructure to deploy and maintain a wide array of prevention tools. They needed a solution that provided visibility into their network, identified misconfigurations, and offered actionable alerts without generating a large volume of false positives. The organization was particularly concerned about potential attacks that could shut down and lock their ICS systems, posing serious risks to both operations and human safety.

Solution

The team set up the Attivo ThreatDefend™ Deception Platform within their network to gain unique visibility into their environment. Once deployed, the Attivo solution alerted the team to several misconfigurations in the network that represented significant weaknesses. The infosec team discovered a lot of activity on their network that they had not previously been aware of. Initially concerned about false positives, further investigation revealed that the alerts were real, substantiated, and actionable in a way that their other devices could not achieve. The ThreatDefend BOTsink engagement server also raised alerts on activities that had completely bypassed their prevention devices. This allowed the team to detect early inside-the-network threats and respond more efficiently.

Impact #1	The infosec team gained significantly more visibility into their network without the need to add resources.
Impact #2	The team no longer wasted time chasing false positives and unsubstantiated incidents, allowing them to focus on real threats.
Impact #3	High fidelity alerts from the ThreatDefend platform greatly lowered the time-to-discovery and time-to-response on threats, saving the team hours if not days.

Impact #1

The infosec team gained significantly more visibility into their network without the need to add resources.

Impact #2

The team no longer wasted time chasing false positives and unsubstantiated incidents, allowing them to focus on real threats.

Impact #3

High fidelity alerts from the ThreatDefend platform greatly lowered the time-to-discovery and time-to-response on threats, saving the team hours if not days.

Benefit #1	The organization has now deployed the ThreatDefend Deception Platform into multiple stadiums across the United States.

Benefit #1

The organization has now deployed the ThreatDefend Deception Platform into multiple stadiums across the United States.

Download PDF Version

Overview

Major Sports Organization Protects Critical Infrastructure With Deception Technology

Operational Impact

Quantitative Benefit