Simplified cyber exposure and resilience assessment for an NFL team
We were asked by the team at a large US family office to provide a simplified analysis of their exposure to cyber risk, including associated with the operations of their National Football League (NFL) team.
We specifically focused on the resilience measures in place around game day for key systems such as lighting, audio-visual, and security and utilised wargaming techniques to assess and simulate the potential impacts of a cyberattack on operational systems during or just before a game. We also engaged closely with the offices legal teams and financial teams to understand the underlying legal basis for any cyber related liability or indemnification to the league or other clients such as sponsors which could precipitate a significant financial loss.
We were also able to work very closely with the chief information security officer and the wider information security team to analyse the level of controls in place, including those specifically associated with operational technology. We looked at network segmentation, the use of bastion workstations, operational technology patching, and privileged access management. We were able to analyse whether there were any federal, local, or state laws or statutes which would apply which might mandate that certain systems would need to be fully functional for a game to be played. All of this information was subsequently synthesised in to a report which could be approved by the client for sharing with key stakeholders including insurance underwriters.
Outcomes for client
- A more detailed and justified understanding of the clients exposure to cyber induced losses and downtime.
- A highly visual report that explains to all parties how the exposure to a cyber incident is likely to be minimised based on the business model of the family office.
- Interaction with insurance brokers and under writers to help elucidate the current state of cyber security and how this could impact the transfer of risk into the insurance market.
Recent case studies
View more projects we have completed for clients.
We’re always keen to talk through problems – even if you don’t end up working with us. Let us know your problem or situation below, and one of our consultants will get back to you and arrange a call.