The Stadium and Arena Governance View – Commercial Facilities and Public Assembly Risk

Divergence

Commercial facilities’ governance with industrial control systems (ICS) and public assembly risks is challenging for stadiums’ and arenas’ threat management.

The first challenge faced by governance boards is the divergence issue that involves the unique challenge of handling public assembly safety while at the same time managing the underlying infrastructure via the industrial control system for the stadium-arena.

Executive Order 13636 “Improving Critical Infrastructure Cybersecurity” was signed on February 12, 2013. During the previous decade, the Department of Homeland Security (DHS) was already reaching out to and assisting sectors of critical national importance to improve ICS security. Other sectors of critical importance, such as chemical, gas, power generation, water, and pipelines, diverge from the governance of stadiums and arenas, in the challenge of also managing public assembly.

Threats to critical infrastructure impact both the infrastructure along with public trust and these threats can cause physical or psychological harm to the public. Governance of commercial facilities, including stadiums and arenas, is a challenge to manage risk where the assembled public is the target, and trust in the underlying infrastructure is a tool for that threat.

theme parks

Convergence

The second challenge for stadium and arena governance is the ‘convergence issue. The underlying technology of Industrial Control Systems (ICS): lighting, HVAC, movable architecture, water, power, electronic/physical access control doors, networking equipment to include public broadcasting, wireless broadcasting, and fire/emergency control systems along with video monitoring. These technologies have Internet Protocol (IP) based threats to manage.The same challenges that the corporate infrastructure for stadium management faces in cybersecurity is now also a governance issue in the stadium and arena ICS.

The convergence in threats to these systems comes from every growing capability and willingness to attack ICS and Internet-based technologies within the IC operations. The ability of governance oversight to manage the uniqueness of public assembly within close proximity to IC environments presents one set of challenges. The growth of IP based technology and tailwind threats being introduced creates a second set of unavoidable governance challenges. Executives that manage this risk have a unique space, a good set of best practices to implement, and great technical tools to put in the hand of staff that manage the day-to-day operations in IP based risk.

Where IP Based Risk Management is Heading

Stadium and arena governance are a unique problem space with public safety challenges and ICS cybersecurity in an IP based environment.  Integrating corporate networks with ICS networks creates even further risk that has already been exploited outside of the commercial facility space.

Complex cybersecurity challenges require a comprehensive and cohesive solution like SOAR. Gartner coined the term SOAR, Security Orchestration, Automation, and Response.

The SOAR framework offers two key benefits to SOCs and the incident management process. First, it provides the ability to create uniform and repeatable business processes to handle incidents of any type.  Second, it uses machine language (a sub-field of artificial intelligence) to offload work and automate actions at various points in a well-defined business process.

The SOAR framework aligns all of the security alerts from disparate sources into a single platform, automates key workflows, and houses runbooks with clear, concise, actionable steps for triage and remediation. It leverages next-generation artificial intelligence tools to supplement human interaction throughout the incident response handling.

theme parks

Get Started Today

At Acadia, we understand security. Our primary focus is to help stadiums of all sizes design security solutions that
meet compliance requirements through the use of industry best practices and years of experience in the field.

Contact us today to get started on your stadium security assessment.