IBM Watson for Cybersecurity Takes Center Court at Wimbledon!
141-year-old tennis tournament – The Championships, Wimbledon utilizes IBM Watson to protect their brand against increasing risk of cybercrime.
The world is getting intertwined with billions of internet-connected devices fueled by artificial intelligence and machine learning. The number of such connected devices in every realm of today’s world will soon outgrow the world population by many folds. As we strive to advance in this digital age, the dangers arising specifically from the lack of security aspects of digital revolution are overlooked by most and thus the absence of good governance, policies, standards, adequate controls and availability of funding to effectively address vulnerabilities is creating serious challenges.
One of the organizations facing these challenges, in today’s digital realm, is the 141-year-old tennis tournament – The Championships, Wimbledon (or simply called Wimbledon) [1].
Magnitude of the Issue
In today’s digital realm, most fans experience Wimbledon off the field. Hence, Wimbledon must leverage its digital platform to deliver that great experience through its website, mobile app, TV, social media, etc. [2]. The Wimbledon website had 436 million page-views in 2017, a 10% increase from 2016 [3]. (Figure 1). With this massive “digital” fan base, comes the increases risk of cybercrime as well and hence, a cyber-attack during the game, disrupting Wimbledon’s digital platform, would really hurt Wimbledon’s 141-year-old reputation. As a result, the need of a cyber resilience tool which utilizes machine learning and artificial intelligence to stay a step ahead of these cyber-attacks is heightened.
It’s not just the volume of attacks that is mind boggling, it is the deceptive nature of attacks that is more concerning. Usually most of the attacks would be released to trick the security operations analyst (and automated tools) into focusing their energy on a part of the system, while at the same instant, unknown to the analyst, some completely other part of the Wimbledon digital backbone is being targeted. This is what is defined as “low and slow” coordinated attack [5]. A security analyst would not be able to able to correlate these data points manually without the help of a SIEM tool.
IBM Watson to the rescue
IBM has been the official Information Technology partner to the Wimbledon for 29 years [6]. In 2017, IBM brought in Watson (integrated with QRadar – IBM’s Security Information and Event Management tool), a supercomputer that uses machine learning and artificial intelligence to analyze data points, to assist the security operations at Wimbledon to investigate 200 million events and help identify, detect and protect against the potential threats during the tournament, with speed and accuracy [7].
The entire infrastructure (QRadar + Watson) brought together and correlated data, in real-time, from over thousands of connected endpoint devices and peripherals on the platform and populated the QRadar threat matrix and dashboard. This dashboard provided the security analyst the complete picture of the attack and a set of steps and recommendations that should be initiated to mitigate the cyber threat. In some instances, Watson was able automatically invoke other connected components on the network to derail the attack [8].
The results were fantastic. IBM QRadar with Watson was able to correlate huge volume of events 60 times faster than an average human security analyst. This translated into 5 times more number of events being analyzed. More importantly, this resulted in ZERO successful breaches impacting the Wimbledon website [10].
Going Forward at Wimbledon
Cyber-criminals are looking for different and creative ways to evade technology – either by developing new malware that can detect correlation activities and stay in a “hibernation” mode awaiting the right moment to execute, or by targeting the less skilled humans in the organization [11]. The attackers only have to be successful once while the power-combo of a security analyst with IBM Watson, at Wimbledon, has to stay on top of every attack each time. Going forward, the executive management at Wimbledon should start increasing the overall awareness about cybersecurity and its potential threat, not only internally, but also to its fan base, while continuing their ongoing investment in the technology to protect their brand from a bad cyber day. It’s a continuous improvement process and not just something that could be easily accomplished within the two-week period when the tournament is on.
The Future?
With the exponential advancement in, and the ease of access of machine learning and artificial intelligence capabilities, cybersecurity is not just a problem related to the IT department anymore. Today, cybersecurity touches every single business unit within an organization – including an organization’s C-Suite and the Board. But are the Boardrooms sufficiently prepared to address the rapidly growing cyber risk and integrate cybersecurity into the organization’s overall business strategy and make sure the organization is not left operationally paralyzed when a cyber event knocks on their door?
(Word Count: 769)
Sources:
[1] Wimbledon History – 1870s, http://www.wimbledon.com/en_GB/aboutwimbledon/history_1870s.html
[2] Wimbledon serves more AI in 2018, Elizabeth O’Brien, June 2018, https://www.ibm.com/blogs/game-changers/wimbledon-serves-ai-2018/
[3] IBM at Wimbledon 2018, June 2018, https://www.ibm.com/thought-leadership/wimbledon/uk-en/
[4] IBM at Wimbledon 2018, June 2018, https://www.ibm.com/thought-leadership/wimbledon/uk-en/
[5] Wimbledon 2017: Manicured Lawns, Ivy-Covered Buildings, Tennis Whites and Cyberattacks, Johnathan Van Houten, July 2017, https://securityintelligence.com/news/wimbledon-2017-manicured-lawns-ivy-covered-buildings-tennis-whites-and-cyberattacks/
[6] IBM at Wimbledon 2018, June 2018, https://www.ibm.com/thought-leadership/wimbledon/uk-en/
[7] Wimbledon 2017: Protecting the oldest brand in tennis with the latest in cognitive security, 2017, https://www.ibm.com/case-studies/wimbledon-2017
[8] Cybersecurity Behind the Scenes at Wimbledon, Eleanor Dallaway, August 2017, https://www.infosecurity-magazine.com/news-features/cybersecurity-behind-the-scenes-at/
[9] IBM Security helps Wimbledon focus on the court, not the cloud, IBM Security (YouTube Channel), October 2017, https://www.youtube.com/watch?v=m-hq2aOMeuE
[10] Wimbledon 2017: Protecting the oldest brand in tennis with the latest in cognitive security, 2017, https://www.ibm.com/case-studies/wimbledon-2017
[11] Challenges Facing Using AI in Cybersecurity, Ahmed Banafa, March 2018, https://www.bbvaopenmind.com/en/challenges-facing-using-ai-in-cybersecurity/
[12] Featured Image: American Men Long Shots (Again) to Win Wimbledon, June 2018, https://www.outkickthecoverage.com/american-men-long-shots-win-wimbledon/
Your last question reminded me of the AI roundtable I organized in my previous job, where we invited C-suite executives to discuss AI’s impact on the business. All the executives were highly aware about the importance of AI/ machine learning/cyber security, but they are not necessarily sure about how to deal with it. One interesting discussion we had is that what the company is lacking the most is not just the tech-experts, but also the “translators” who can translate the needs from the businesses for the tech-experts to solve the right issue, and also translate the solutions that the tech experts developed into business values. While developing an overall strategy around cyber security is important, I think the board will also need to consider a broader view on their HR strategy.
As a tennis fan, I found this article very interesting. I watch the Wimbledon every year, so I am definitely in the population of people that this technology is trying to protect. That said, I am a bit confused as to why the website is so important. I get most of my Wimbledon content from google or ESPN. Are they feeding from the Wimbledon website? Overall, I do think that cyber threats is something every organization will need to think about. Most large traditional organizations only really consider taking the necessary steps after a disaster (take Target’s for example), but its great that technologies like IBM Watson are doing this in a way that is more efficient.
It was great to read about the success of IBM QRadar and Watson, both in terms of speed (60x faster than human analyst) and preventing any breaches on the Wimbledon website. [1] I hope that all companies are taking the necessary steps to protect their own and their consumer’s information, as we have seen the terrible implications of cyber attacks on the reputations of Target, Under Armour, Yahoo, Equifax, and others, where consumer trust is hard to gain and earn back. I do feel that the vast majority of companies today are taking this threat very seriously, and there have been a lot of startups being backed by venture capital firms that attempt to address cybersecurity issues. The big challenge I see with machine learning and artificial intelligence to tackle this issue is that while machines are excellent at processing and analyzing historical data, the most threatening cyber attacks are unprecedented, and therefore likely a challenge for machines to detect based on historical information. I am also concerned about heightened personal cybersecurity for individuals, as today, most people store all their personal information on their personal computers and phones, and most individuals don’t have the means to purchase/attain personal cyber protection.
[1] https://www.ibm.com/case-studies/wimbledon-2017.