T&M's Dan Donovan Featured as Expert in NCS4 Gameday Security MagazinePosted on April 12, 2018 by T&M Protection Resources, LLC
T&M’s Dan Donovan, Vice President of Sport & Entertainment Security, was interviewed by NCS4 for an article entitled Fighting the Virtual Battle recently published in the Spring 2018 edition of Gameday Security Magazine.
In the interview, Mr. Donovan weighs in on the role cyberattacks and social media threats have had in the way sports teams and associations think about security. According to Mr. Donovan, the past 2-3 years have shown an increase in the number of teams and stadiums who have incorporated a Chief Information Officer (CIO) into their management team. These CIO’s, he says, have begun to take a “deep dive into network security and cyber,” recognizing the threat that cyber attackers who gain access to a team or stadium’s network can pose to their operations. Mr. Donovan explains that this increased scrutiny has resulted in an increasing emphasis on “the basics of penetration testing and taking networks offline,” and “closing down the access points to their networks when they are hosting major events.”
Mr. Donovan also speaks about some of the cybersecurity weaknesses he sees within the sports industry, noting that there is a general need across teams and stadiums to better understand who runs their networks and where the security systems and PA audio-visual are sitting on that network. This understanding is necessary, he says, to ensure confidentiality and protect access control, visitor management, camera and credential systems, all of which can be compromised by a malicious network intruder. As an example, he points to the time last fall when the Ticketmaster system went down worldwide. He recalls, “I was at Mercedes Benz Stadium when it happened and it was a big challenge for that operating team.” Reflecting on that incident, he says that although penetration tests that test staff’s ability to respond to failures in the security communications system or network shutdowns can be stressful, they have become increasingly important. According to Mr. Donovan, “It’s never about whether or not something can happen, it’s about what’s the plan when it does happen.”
In December 2017, Mr. Donovan joined T&M, a New York City-based provider of comprehensive security, cyber, intelligence and investigative solutions. T&M’s Technology Risk divisions offers Cyber Incident Response, Information Security (including penetration testing and network vulnerability assessments), Compliance Technology Consulting and Data Forensics services to clients around the globe.
When asked about the role of social media, Mr. Donovan replies that engaging a social media monitoring service, when combined with the right level of analysts to monitor and scrutinize the data, can be helpful in identifying potentially disruptive incidents targeting stadiums and sports events before they happen. He describes the goal of this monitoring as getting to the information early, stating “when we’ve had a serious incident in this country or around the world, we have found that information post-incident. So how do we get to a point where we’re seeing that information in advance of an incident?” Recalling the time last November when someone flew a drone over Levi Stadium to drop leaflets, Mr. Donovan acknowledges the “phenomenal support” the stadium received from both Santa Clara police and the FBI but wonders if social media monitoring could have helped predict and prevent the incident before it occurred.
Using open source and proprietary databases, T&M’s intelligence analysts monitor online and social media postings for private clients and organizations to identify security risks and assess threats found online. In the event that a potentially adverse post is uncovered, T&M deploys investigators to delve further and conduct field operations as necessary.
Mr. Donovan concludes his article with a bit of advice for event operators seeking to utilize actionable intelligence: “It’s really a combination of your relationship with local agencies, your fusion of intel centers that can support your event, and the right level of staff members or consultants that you can rely on to assist you in getting that data or that cyber strategy in place.”