Three strikes and you're out is one of the more well-known sayings in baseball, but it only takes one devastating cyberattack to inflict huge damage on Major League Baseball or any of its 30 teams.
在周三的会议上, "It's Only Baseball: Technology and our National Pastime - A Security Perspective," at ISACA’s 2019 North America CACS conference in Anaheim, 加州, 美国, 尼尔·博兰, the CISO of Major League Baseball, 和阿尔伯特·卡斯特罗, director of information technology with the Los Angeles Angels, provided perspective on the scope of the security challenge for an organization with such high visibility as MLB.
“Baseball has a lot going on,” Boland said. “我们有很多粉丝, 有很多游戏, a lot of activities throughout the course of the year, and a lot of exposures around the globe in many, 许多国家. The sport continues to grow, and the consumption of the sport continues to grow.”
The session traced the rise of prominence of security in baseball from when security was an afterthought to today’s state, in which the bottom line is: “This is critical. 别搞砸了.”
MLB works with numerous partners, which is often where the most challenging security considerations come into play. Boland said MLB is taking steps to strengthen partner onboarding and provide further guidance on mitigating risks.
"There's just a vast amount of partners we work with to pull this off - 162 games a year, not even counting spring training and the postseason for a club, and [multiply] that by 30 teams,博兰说. “有很多数据, a lot of tools and a lot of systems, and some of them are really important, like industrial control systems to keep people safe."
Recognizing the scope of the challenge, in 2017, Boland helped to implement a program to better protect the league and its clubs from cyberattacks, standardizing the security stack and integrations. A vastly increased use of mobile platforms, IoT and cloud services means the traditional perimeter is gone, putting the onus on MLB to provide simple and reliable tools that prevent attacks.
"We wanted to raise the bar a lot higher,博兰说. "We wanted to be faster than the next guy running from the bear."
Boland encouraged session attendees to move quickly to upgrade their organizations’ security posture rather than delay in search of the ideal solution.
"Any layer that you can add that just makes life harder for your adversary is a good thing, 即使它不完美,博兰说.
Unlike the sport’s signature rivals such as the Red Sox and Yankees or Cubs and Cardinals, Boland emphasized that everyone needs to be on the same team when it comes to cybersecurity, and said it is important to share information on cyber threats.
我按铃, and I think that's really important to do, because we're all in this together,博兰说.
超出安全领域, Castro highlighted the way that teams leverage technology in areas such as ticketing, 赞助活动, fan engagement and scouting and developing players.
“The access to information has just grown exponentially and with that has come the ability to do all kinds of really sophisticated analysis that just makes technology critical to running a baseball team,卡斯特罗说.
