For the Seattle Kraken, the National Hockey League’s 32nd franchise, maintaining a strong defense off the ice—one that keeps cyber attackers in the penalty box—is just as important as its defense on the ice.
Here’s what it’s like behind the scenes defending a widely recognized brand.
The Kraken IT and security team is charged with protecting the organization’s digital assets – including sensitive team and fan data and proprietary information. The six-person team is responsible for managing and protecting more than 260 individuals and their devices at home and on the road as well as the servers and private networks that support the team’s operations. In addition, the Kraken Community Iceplex, which houses the team’s offices and IT equipment, is open to the public, offering a free Wi-Fi network for up to 1000 visitors per day. That traffic passes over the Kraken’s firewalls.
The Kraken organization has built a reputation in the NHL for how it leverages cutting-edge technology across player, employee and fan experiences. The IT staff plays a key role in enabling technological innovation across the franchise, which includes supporting a software development team that builds and maintains a fan-facing app with player stats and other team information and software for the team’s coaching and player development.
From a cybersecurity standpoint, the Kraken have some unique challenges. Like any NHL franchise, team staff are on the road with players for half the season. Team scouts travel around the world year-round, including to places where the cybersecurity threat environment creates added risks. The daily threats faced by the team—from phishing, ransomware attempts and identity access management and more—create a need for strong network and endpoint security as well as correlated threat detection and response.
To secure this expansive attack surface, the Kraken IT team identified the need for a multilayered, unified security platform that significantly reduces complexity for users while still providing enterprise-grade protection. Most importantly, they needed a solution that would enable the team to quickly recognize and address potential security issues.
While the IT team normally holds off on major technology initiatives until the off-season, they decided to switch over to the WatchGuard Unified Security platform during the first half of the 2023-2024 campaign. That created a sense of urgency to make the transition happen as quickly and seamlessly as possible. With the clock ticking, the Kraken team were able to deploy the WatchGuard platform in less than 12 hours.
The first phase of the transition included the deployment of WatchGuard Firebox firewalls, anti-virus and patch management, followed by EPDR endpoint security and WatchGuard ThreatSync extended detection and response (XDR), which integrates data from firewalls and endpoints to surface potential threats. According to Ryan Willgues, cybersecurity engineer at the Seattle Kraken, WatchGuard’s focus on providing a single, integrated management interface centered on ease of use has helped streamline the team’s daily threat monitoring and cybersecurity workflow. “Now, we not only have comprehensive visibility across our network, but ThreatSync’s AI filters out low-level threats so it’s easy to see what I need to prioritize,” said Willgues.
With the current season in the books, the Kraken IT team plans to integrate additional components of WatchGuard’s Unified Security Platform, particularly around identity and access management. That includes single sign-on and AuthPoint Total Identity Security, which offers multi-factor authentication, password management, and dark web monitoring for compromised credentials.
For the Kraken, WatchGuard plays a critical role helping the team to maintain vigilance in monitoring for and defending against attacks amid a continually evolving and increasingly volatile threat landscape. With a comprehensive, multilayered security solution designed for ease-of-use, the Kraken IT team has the power to put cyberattackers in the penalty box and ice threats.
About The Author
Marc Laliberte is the Director of Security Operations at WatchGuard Technologies. Marc joined the WatchGuard team in 2012 and has spent much of the last decade helping shape WatchGuard’s internal security maturation from various roles and responsibilities. Marc’s responsibilities include leading WatchGuard’s security operations center as well as the WatchGuard Threat Lab, a research-focused thought leadership team that identifies and reports on modern information security trends. With regular speaking appearances and contributions to online IT publications, Marc is a leading thought leader providing security guidance to all levels of IT personnel.
Source: www.cyberdefensemagazine.com