According to market intelligence firm International Data Corp. (IDC), the expected increase in cybersecurity threats during the Olympic Games Paris 2024 will lead to a rise in cybersecurity services revenue in France by $94 million (€86 million) in 2024. This surge in investment will add just over two percentage points to the total cybersecurity services spending in the country.
Paris 2024 will be characterized by unprecedented connectivity, integrating many systems including back-of-house operations, financial systems, critical national infrastructure, city infrastructure, sports technology, broadcast technology, and merchandising and ticketing platforms. The risk, while highest for the Olympic venues and directly related assets, extends to seemingly unrelated areas such as national infrastructure and various French businesses.
IDC projects that the cybersecurity services revenue across the rest of Europe will also see an increase of $57 million due to the Paris Olympics. Cybercriminals are expected to exploit the global attention on the Games to launch new targeted threats against both businesses and individuals, leveraging social engineering techniques during this period of heightened distraction.
“We can expect to see an unprecedented level of threats during the Paris Olympic Games, targeting not only the event itself but also unrelated organizations for financial and political motives,” said Richard Thurston, research manager of European Security Services at IDC. “Many organizations in France are accelerating efforts to enhance their cybersecurity posture ahead of the Games, working with highly skilled cybersecurity companies to mitigate risks.”
In the private sector, large enterprises in France are moderately well-prepared for the anticipated cybersecurity threats. Incident management and response are top priorities for 61% of these organizations, and nearly half believe they have sufficient threat-hunting or intelligence skills. However, only 20% of French businesses consider their cybersecurity posture to be mature, with smaller organizations likely to have lower levels of skills and preparedness.
Targets
The threats are anticipated to affect a broad range of targets beyond Olympic infrastructure, including fixed and mobile networks, transportation systems, hotels, the leisure industry, and financial networks. Tactics such as ransomware, data exfiltration, exploitation of application vulnerabilities, tailored phishing attacks, and denial-of-service attempts are expected to be deployed by threat actors.
In response to these threats, the French government established the National Cybersecurity Agency of France (ANSSI) under the Prime Minister’s authority, attached to the General Secretariat for Defence and National Security (SGDSN). ANSSI’s strategy focuses on increasing knowledge of cyber threats, securing critical information systems, protecting sensitive data, raising awareness, and preparing to respond to cyberattacks. They have implemented awareness-raising plans and organized crisis-planning exercises involving hundreds of stakeholders in the Games ecosystem.
The Local Organizing Committee has appointed Eviden to manage cybersecurity services and operations, which will be coordinated from a dedicated Security Operations Center (SOC) for the Games, supported by up to 17 SOCs worldwide. Eviden continues the partnership activities of its parent company, Atos, with the International Olympic Committee. Other technology vendors partnering with Paris 2024 include Alibaba, Deloitte, Orange, and Cisco.