The NFL relies on Cisco

On game day, a safety is worth two points—but security is priceless. But securing the largest live sporting event in America is no easy feat. An incredibly high-profile event with a live audience of more than 100 million people is an attractive target for threat actors. And it's not just about protecting the technology that streams the game into millions of homes—it's about protecting every interaction point that fans will experience, from cashless concession booths to the Cisco-supported replay screen.

SoFi Stadium is full of screens, in fact. "If you think about it from a threat perspective, this could be a very big billboard for some attacker," NFL Chief Information Security Officer Tomas Maldonado said when describing his strategy for securing the event. If a hacker takes over the screen and announces a bomb threat hoax to a full stadium, chaos would ensue. Cybersecurity, then, goes beyond just protecting data and devices; it extends to the physical safety of every player, staff member, and fan.

Putting together the playbook

Working with Cisco meant that the stakes for securing Super Bowl LVI were even higher. Working with Cisco to protect mission-critical gameday operations was the answer to a challenge that Maldonado said started in 2019, when he was responsible for securing his first Super Bowl.

"I realized I needed more. That more was more transparency and visibility into what kind of threats we're seeing…I needed to work with a partner that can understand the scale and the gravity of the situation…and then be able to complement and be adaptable and amenable for what we're trying to implement. [Cisco] understood what we were trying to design and accomplish," Maldonado said.

An all-star security lineup

"What we're trying to do is slow down the bad actors, make it more difficult and challenging for them to try to attack the scoreboard, try to impact what's happening on the field," Maldonado said of the main goal of game day cybersecurity operations. "With Cisco by our side, we were confident that we could quickly anticipate any issues and deliver the seamless gameday experience that our players, staff, and fans have come to expect."

The right tools and the right team are key in making sure things run smoothly, avoiding disruptions to the game, and safeguarding the data and devices that make mission-critical gameday operations possible.

"We try to reduce the footprint or vector of attack by making very specific design choices around how individuals will connect to our environment and who's allowed to connect to our environment," Maldonado said.

To protect their environment on Super Bowl Sunday, the NFL used a suite of integrated security solutions working in tandem:

• Cisco Umbrella combines several security technologies into one, cloud-delivered solution, protecting users from internet-based risks on or off the network. Umbrella prevents phishing, malware, and ransomware and safeguards connections to cloud applications without sacrificing performance.
• Cisco Secure Firewall helps organizations to obtain end-to-end visibility and simplified security management across distributed and hybrid networks. It provides superior threat detection and prevention for the modern network.
• With Cisco Secure Malware Analytics, organizations can uncover exactly what a piece of malware is doing, how large of a risk it poses, and how to mitigate it. Secure Malware Analytics rapidly inspects files and suspicious behavior to help speed up incident investigations.
• SecureX, our cloud-native platform with XDR capabilities, integrates the Cisco Secure portfolio with a business's entire security infrastructure, speeding detection, response, and recovery.
• Cisco security technologies are fed timely, in-depth intelligence by Cisco Talos, the world's largest commercial threat intelligence organization. Incident commanders from Talos Incident Response, as well as members of our Customer Experience team, were on site with the NFL for the whole game.

A more resilient playing field

From mom-and-pop shops to startups and all the way to the NFL, Cisco Secure Chief Technology Officer TK Keanini reminds us that, "everybody is a target." Bad actors don't discriminate when it comes to targeting and taking advantage of an organization's vulnerabilities. In the face of increasingly sophisticated, modern threats, every organization needs to create a foundation of security resilience to be ready for the unpredictable.

Keanini went on to say that while every business isn't orchestrating Super Bowl-level events, the risk is still real, and you don't need to be a company with a million pairs of eyeballs on your work to benefit from networking and cloud security. "You be you. Cisco's job is to be a partner in making sure that you can be you, securely."