8 July, 2021 | Written by: Martin Borrett
Share this post:
Protecting Wimbledon – game, set and match IBM.
Wimbledon is famous for good reason: for two weeks every year The Championship attracts millions of digital visitors from a global audience, who engage in a quintessentially British celebration of world-class tennis.
Wimbledon balances tradition with innovation, it is built on grass courts, tennis whites and a digital experience that attracts fans, with real-time coverage of the world’s best tennis tournament. In 2021, cognitive security technology and constant vigilance from IBM helped protect Wimbledon.com and the Wimbledon brand.
The digital experience is now more crucial than ever to helping grow the value of the Wimbledon brand, by attracting a new “digital native” audience. Inevitably, such a high-profile sporting event and iconic brand attracts a huge amount of unwanted attention from cyber attackers, whose aim is to disrupt and cause reputational damage.
With unprecedented levels of peak traffic across these digital properties, IBM Cloud proved up to the task. The infrastructure is easily scaled to accommodate event-day traffic spikes, without compromising performance, and with robust security capabilities in place, that blocked millions of threats during the fortnight. To meet these demands, a multi-layered approach to security was taken, which ensured that every part of the infrastructure was protected. One of the keys to this strong security program is expertise and experience: IBM Security Analysts constantly monitor the infrastructure, using world class technology: IBM QRadar Security Information and Event Management (SIEM), to identify potential attacks and rank the incidents by level of urgency.
The first step in responding to a suspected attack is, for the Security Analyst, to gain a better understanding of what is happening and the potential scope and scale of the incident. Initial investigation typically involves analysts searching multiple information sources and can take around an hour to complete – which could be too long in a high profile, fast paced, time-critical event like Wimbledon. This is where augmented intelligence steps in, to enable rapid threat investigation. IBM QRadar Advisor with Watson technology enriches data provided by the SIEM solution, offering a recommended set of actions based on its analysis of a given threat, and enabling the IBM security team to react to incidents 60 times quicker.
For the last 4 years, the security analyst team have reaped the rewards of using IBM QRadar Advisor with Watson to reduce the time taken to investigate incidents to just a few minutes. Watson has ingested and understood millions of pieces of information relating to attacks, threats, exploits, vulnerabilities, threat actors, and malware; and augments Analysts’ knowledge with extensive information that would otherwise be in the dark to them. The benefits are not just around being able to respond more quickly, the augmented intelligence provided by Watson also gives analysts better insight and more accurate intelligence to help shape the best possible response.
IBM QRadar Advisor with Watson has been successful in removing mundane tasks and speeding up the response. Whether it’s 4:30 pm on a Friday or 10 am on a Monday, Advisor augments human intelligence so that the analysts are driving consistent and thorough investigations each and every time. It reduces MTTD and MTTR with a quicker and more decisive escalation process, and helps determine root-cause analysis and drive next steps with confidence, by mapping the attack to the MITRE ATT&CK model.
Cognitive security technologies are changing the game, enabling analysts to identify and address the real threats hidden in millions of events experienced during the tournament quickly and efficiently. The benefits are clear:
- 60x faster security threat investigations with Watson compared to manual analysis.
- 5x increase in volume of security incidents analysed over the course of the tournament.
- Zero breaches that impacted the 2021 Wimbledon website and brand.
With IBM focused on operating and protecting Wimbledon’s digital properties, the Wimbledon team is free to focus on the courts—putting on the world-class tennis experience that stands behind the Wimbledon brand. Behind the scenes, cognitive security, IBM technology and the security experts who monitor and manage the daily deluge of events, incidents and attacks, join forces to keep the personal data of Wimbledon fans out of the hands of hackers.
So this year, as always, we enjoyed some fantastic tennis – safe in the knowledge that the unseen security team were ready to protect, detect and respond to whatever shots were played by their cyber opponents – game, set and match IBM.