Managing Olympic risk

The IT security team predicts there will be millions of filtered 'events' - any abnormal computer system behavior - during the Games of the XXIX Olympiad in Beijing. This would be three times the frequency of computer issues for the Torino Winter Olympics.

Patrick Adiba, Atos Origin's executive vice president, Olympics and major events, is the man in charge of ensuring these risks are handled, and this vastly complex event is properly project managed. He is responsible for providing strategic direction and executive management of the Atos Origin business unit specializing in Major Events including the Olympic Games from Salt Lake City 2002 and till the 2012 London Games.

As the Olympic Games' IT integrator, Atos Origin is responsible for designing, building and operating the IT infrastructure.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

The IT security team predicts there will be millions of filtered 'events' - any abnormal computer system behavior - during the Games of the XXIX Olympiad in Beijing. This would be three times the frequency of computer issues for the Torino Winter Olympics.

Patrick Adiba, Atos Origin's executive vice president, Olympics and major events, is the man in charge of ensuring these risks are handled, and this vastly complex event is properly project managed. He is responsible for providing strategic direction and executive management of the Atos Origin business unit specializing in Major Events including the Olympic Games from Salt Lake City 2002 and till the 2012 London Games.

As the Olympic Games' IT integrator, Atos Origin is responsible for designing, building and operating the IT infrastructure.

Not sporting events

The events that will most concern the IT security team, which will be working round the clock during the Games, have nothing to do with the athletes.

"We expect to have about 3 million 'events', that is, abnormal IT behavior, a mistake or security breach - during the Games," Adiba said. "That's 200,000 plus per day--so we have to make constant decisions, in real time, on the huge volumes of data and what action to take." (Compare Network Monitoring and Management products)

New and undisclosed intelligent processing methods will be deployed in Beijing to meet these new IT security challenges.

"The key thing what we do in running this Olympic program is risk management from the preparation of the project and during the operation," he said. "We only do risk management; we try to find the best solution, not always the cheapest and the most sophisticated, but one that does the job with the minimal risk."

Conservative and cautious

This focus on handling risk means Atos Origin adopts a conservative and cautious approach. (Compare Patch and Vulnerability Management products)

"In the Olympics, the rule is that we change something only when we absolutely need to, and for good reason, because the technology is obsolete, or if we can provide better service," Adiba said. "We don't mind using 'old' technology if it's safe.

The Olympics is not where we highlight the latest or newest technology, it's more a risk analysis event.

He said there is a dedicated team examining what new technologies are available. "They ask questions like 'are they safe enough?', 'is it reliable?', 'is it proven in a stressful environment?' We won't implement if the risks are too high."

Atos Origin is focusing on three key IT areas: security architecture, risk management and security operations, to ensure that everything is in place to respond to any potential threat from either within or outside the Games network.

Through extensive testing before the 17-day event, the IT security team is able to understand what constitutes normal activity on applications, servers, PCs and the network, so that an incident can be logged if the traffic becomes abnormal.

Prioritized response

This strategy enables the IT security team to effectively respond to incidents on a prioritized basis, keeping the Games IT infrastructure protected from a wide range of threats that may otherwise compromise critical IT services--including the recording and distribution of competition results.