As the 2024 Paris Olympics approach, cybersecurity issues are more critical than ever. Organizations must anticipate mass attacks, potentially 8 to 10 times more numerous than during the Tokyo Olympics, and prepare accordingly to protect their infrastructure and sensitive data. Discover the cyber events of CISOs and their companies during this Olympic year.
From Stéphanie Ledoux, Executive DirectorAlcyconia
The Olympic Games are the most watched sports competition in the world. They represent a wonderful opportunity to illuminate the entire country, attracting audiences and media from around the world.
In an ultra-connected world, attracting visibility also means attracting cybercrime.
That is essentially what was said Franz Regul, Head of Information Systems Security of the Paris 2024 Organizing Committee: “Today, the entire organization is based on technology. And wherever there is technology, there are questions and concerns about cybersecurity.”
There is no doubt: Olympic and Paralympic Games it will be a playground for athletes but also for cybercriminals from all over the world who will turn to France. Contrary to what one might imagine, cyber attackers will not only target an event but a much wider ecosystem of companies, institutions and individuals.
The volume of attacks is likely to be unprecedented. Experts estimate that we could face potentially 8 to 10 times more cyber threats than during the 2021 Tokyo Olympics, during which as many as 450 million cyber attacks were recorded!
Cyberattacks carried out by whom, for what reasons, by what means? How can you prepare for it? How can we ensure that we have sufficiently anticipated possible crises… to anticipate the best possible outcomes?
A wide range of threats
Attack for financial gain, hacktivism, destabilization, espionage… Cybercrime takes many forms and can have different purposes: state groups that carry out actions of destabilization or sabotage for geopolitical purposes; groups of independent attackers with purely financial goals operating through phishing and ransomware campaigns; groups of hacktivists – whether paid by the government or not – who seek to convey their messages to the widest possible audience.
Well-known cyber threats that we are likely to face during the 2024 Olympic Games include: attacks DDoS which will certainly be used to disrupt the event; phishing emails that will be heavily contextualized around JOPs; THE ransomware which will certainly be more focused on companies operating in sensitive sectors or related to the event during the Olympic Games in order to exert maximum pressure on their victims in order to pay the ransom; or even defacement of websites by state or non-state hacktivists to promote ideological messages, propaganda, etc.
So many scary scenarios to prepare for.
Like athletes, businesses must train
Athletes prepare for months to be ready for the big day. For companies, the metaphor is significant: they must not suffer or be victims of a state of dismay when an attack occurs, when a data breach or exfiltration is suspected. But are they as well prepared as our athletes?
During a cyber attack, time management becomes crucial as the infection and its effects spread rapidly. Very often, companies waste a lot of time finding and mobilizing the right people, which hinders their ability to make the right decisions quickly.
In the context of a cyber crisis, it is crucial to have a crisis management team ready to respond. 1time phase of cyber crisis management training is to define a “typical team” or crisis unit, which must be assembled to manage a crisis.
Typical team and substitutions
A typical team is therefore a crisis unit (task team) ready for mobilization. Although this can vary depending on the company’s activities and structure, a typical team always emerges. It generally consists of a crisis manager, a crisis secretary (in charge of keeping a manual, a list of crisis management history) and finally the key departments: communication, human resources, DAF, DSI, not forgetting the legal manager and the DPO. , if it exists.
Replacements are not just replacements, they play a key role. When they come into play, they will bring complementary expertise, cover a wider spectrum or provide continuity during vacations or unavailability. This assumes that its members (eg sales director, operations directors and branch or plant managers when involved, etc.) are trained in the same way and can be quickly mobilized to take over.
The importance of training in real conditions
Once the team is formed, it must have a game plan, otherwise known as a cyber crisis management plan (CMP). This plan describes the steps to be followed in the event of a cyber attack, either from the point of view of management (who are the actors of the cell, how to continuously communicate, make quick decisions, etc.), internal communications and external, organizational (working without internet, without network access, working on distance or vice versa by imposing work exclusively on site, etc.) and technical (system restoration and data recovery, etc.).
This company’s strategic game plan for cyber crisis management must be regularly tested and revised to ensure its effectiveness and adapt to rapid changes in the company (employees, managers, tools, when the company makes acquisitions, when it opens factories, new offices and branches, etc.) . All these developments are expanding the attack surface and making the response to a cyber attack more complex. With a well-designed PGC (Crisis Management Plan), everyone knows their mission, rules and good reflexes for quick action.
A cyber attack is like a match, a competition. Preparing your team, knowing your roles and putting yourself in the mental situation allows you to manage the pressure and contain the effects of an attack on the organization, its employees, customers and its essential activities. A cyberattack puts companies and their employees in a context of strong stress and uncertainty: therefore, it is essential to train with a scenario, i.e. a simulation of a realistic attack context (with simulated scenarios of social engineering, intrusion, unavailability of system information, data extraction, disinformation on social networks, etc. ). This empirical approach makes it possible to assess the company’s preparedness level and improve the emergency management process.
Obviously, the sports analogy has its limits. The crisis management team does not need daily or weekly training. Exercises held every 6 to 12 months help keep the collective mobilized and ensure that all its members are prepared and informed.
Improving organizational resilience
The Olympic Games are the highlight of this 2024 year, critical for the cyber security of French companies. New regulations such as DORA or NIS 2 are signs of a digital transformation that continues at high speed, bringing its share of threats and attacks. Accepting cyber risk means preparing for it: like athletes, let’s train to be ready and not fail on the day of the event.
Knowing how to deal with cyber attacks doesn’t win you a medal, but it can save your company from serious economic and reputational consequences. Only by training in cyber crisis management will we know how our resilience capacity is progressing. The benefits in terms of cheerfulness, trust and cohesion within organizations will be the real reward.
READ ALSO:
READ ALSO:
