Defense on the field, defense off the field.
The Boston Red Sox might be expected to finish in last place this baseball season, but the team isn’t going to allow that to affect how they protect themselves in the cyber world.
To that end, the franchise has hired intelligence firm Centripetal, which has an office in Portsmouth, New Hampshire, just 60 miles up the road from Fenway Park. Centripetal COO Jonathan Rogers told IT Brew that a company sales executive connected with the team and set the partnership in motion.
“They’re facing the same security onslaught as much of the large business market,” Rogers said. “But being high profile, they’re a particular target for all the usual suspects, the ransomware exploits, etc.”
Play catch. It’s not the first time IT Brew has heard about the threat posed to sporting events by malicious cyber actors. At RSA 2023 in San Francisco, NHL CISO Dave Munroe told a panel audience that the number of “high-profile individuals” in an arena for a game means an expanded threat surface.
“We have to really protect all of those people, even someone who’s doing payroll, or someone who’s in HR—they’re all part of the brand, they’re all an extension of the brand,” Munroe said at the time. “And we have to protect them as such.”
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
Centripetal is thinking the same thing, Rogers said. Cybersecurity for a large and world-famous franchise like the Red Sox is complex, due in large part to “all of that economic activity that’s occurring in a very discrete window.” The venue provides e-commerce, from onsite ticket and merch sales to mobile apps and payments, all in a short period of time—often just over two hours.
“This has to happen in microseconds right now, as it’s unfolding…the magnitude of the retail that’s occurring in a sports venue is about as intense a moment as it comes,” Rogers said.
Out of the park. Protecting the franchise from attack requires a more strategic approach, Rogers added, offloading risk by expanding the intelligence network.
“There are trillions and trillions of security events per day across our client base, where we, through the proactive use of intelligence, are able to offload all of that risk at machine speed and resolve it—not push it into an analytical buffer that somebody has to think about or try to catch up offline, but to actually resolve it,” Rogers said. “And what that does is it focuses, intensely, every single enterprise’s own security operations to a much higher level of operations.”