Cybersecurity Risks Related to the Olympic Games Will be Widespread, Driving Increased Cybersecurity Services Spending in France and Across Europe, According to IDC
11 Julio 2024 - 7:30AM
Business Wire
While previous Olympic games have faced cybersecurity threats,
the Games of the XXXIII Olympiad, also known as Paris 2024, will
see the largest number of threats, the most complex threat
landscape, the largest ecosystem of threat actors, and the highest
degree of ease for threat actors to execute attacks. To defend
against these attacks and avoid significant disruptions,
International Data Corporation (IDC) estimates that revenue from
cybersecurity services in France will increase by $94 million (€86
million) in 2024 as a result of the Olympic Games, adding just over
two percentage points to total cybersecurity services spending.
Paris 2024 will be the most connected Games ever, including but
not limited to back-of-house systems, financial systems, critical
national infrastructure, city infrastructure, sport technology,
broadcast technology, and merchandising and ticketing. And while
risk is clearly highest for venues and other assets used directly
for the Games, it permeates outward and seemingly unrelated assets
can come under attack, including critical national infrastructure
and many French businesses. Outside of France, IDC expects security
services revenue in the rest of Europe will increase by $57 million
in 2024 as a result of the hosting of the Olympic Games in
Paris.
"Cybercriminals are leveraging global sporting events like the
Olympic Games to craft new targeted threats to businesses and
citizens, knowing that their target is often distracted and more
prone to social engineering," said Richard Thurston, research
manager, European Security Services at IDC.
“We can expect to see an unprecedented level of threats launched
during the Paris Olympic Games supporting a variety of financial
and political motives targeting not only the Olympic Games but also
unrelated organizations," Thurston continued. "Fortunately, many
organizations in France have been working to accelerate the
strengthening of their cybersecurity posture ahead of the Games.
Furthermore, the Local Organizing Committee is working with a range
of highly skilled cybersecurity companies to mitigate risk to the
Games itself."
"The threat extends to a wide range of potential targets beyond
the Olympic infrastructure itself, including things like fixed and
mobile networks in Paris, transportation infrastructure and
companies, hotels and the leisure industry, and financial
networks," added Thurston. "Organizations can expect threat actors
to deploy a full array of tactics, techniques and procedures, such
as ransomware and data exfiltration, exploiting application
vulnerabilities, social engineering, tailored phishing attacks, and
denial-of-service attempts aimed at taking down online
services."
In preparation for the Olympics, a national service (ANSSI) was
created under the authority of the French Prime Minister and
attached to the General Secretariat for Defence and National
Security (SGDSN). ANSSI is responsible for the management of the
strategy for the prevention of cyberattacks at the Games.
The system set up by ANSSI, in collaboration with several
entities involved in the organization of the Games, is structured
around the five main axes: increase knowledge of the cyberthreats
to the Games; secure critical information systems; protect
sensitive data; raise awareness in the Games ecosystem; and prepare
to respond to cyberattacks affecting the Games. ANSSI has
implemented an awareness-raising plan aimed at hundreds of players
in the Games ecosystem and organized several crisis-planning
exercises.
In addition, the Local Organizing Committee has appointed Eviden
to manage cybersecurity services and operations, which can be
delivered from a dedicated security operations center (SOC) for the
Games as well as up to 17 SOCs worldwide. This marks a continuation
of Eviden's parent company Atos' partner activities with the
International Olympic Committee. Other technology vendors that are
partnering directly with Paris 2024 include Alibaba, Deloitte,
Orange, and Cisco.
In the private sector, organizations in France are moderately
well-prepared for the additional threats that will accompany the
Olympics. Incident management and response is already a main
cybersecurity priority for 61% of large enterprises in France, and
nearly half believe they currently have sufficient threat hunting
or threat intelligence skills. However, less than 20% of French
businesses believe their cybersecurity posture is mature or better,
and smaller organizations are likely to have lower levels of skills
and preparedness.
The IDC report, Cybersecurity and the 2024 Olympic and
Paralympic Games (Doc #EUR151993924), examines the key
cybersecurity issues affecting the Olympic and Paralympic Games,
which are to be held in Paris and other French cities starting on
July 26, 2024. It identifies how the market for cybersecurity
services in Europe will change as a result.
About IDC International Data Corporation (IDC) is the
premier global provider of market intelligence, advisory services,
and events for the information technology, telecommunications, and
consumer technology markets. With more than 1,300 analysts
worldwide, IDC offers global, regional, and local expertise on
technology, IT benchmarking and sourcing, and industry
opportunities and trends in over 110 countries. IDC's analysis and
insight helps IT professionals, business executives, and the
investment community to make fact-based technology decisions and to
achieve their key business objectives. Founded in 1964, IDC is a
wholly owned subsidiary of International Data Group (IDG), the
world's leading tech media, data, and marketing services company.
To learn more about IDC, please visit www.idc.com. Follow IDC on
Twitter at @IDC and LinkedIn. Subscribe to the IDC Blog for
industry news and insights.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240711752857/en/
Michael Shirer 508-935-4200 press@idc.com