Protecting enterprise IT during the Olympics

Sponsored by

Your machine data knows things: Unlock it with Splunk and get game-changing insights—plus a critical resource to power AI. Tapping into machine data can boost your security and reliability. See more.

Organizations providing services to the upcoming Olympic Games in Italy might not need to worry about landing a triple axel in figure skating, but they’ll face their own sweat-inducing challenge: making sure threat actors don’t take advantage of cyber-vulnerabilities during the events.

In 2024, France reported more than 140 cyber-incidents throughout the Olympic and Paralympic Summer Games, the Cyber Threat Alliance outlined in a 2025 report. Of those reported incidents, 22 successfully gained access to information systems, while the remaining 119 had “minimal or no impact.” France’s Cybersecurity Agency, Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI), provided support to almost 500 companies and organizations involved in the Olympics.

Kristopher Russo, a principal threat researcher at Palo Alto Network’s threat intelligence and incident response group Unit 42, told IT Brew that bad actors during those Paris games carried out attacks against critical infrastructure associated with the Olympics, including Distributed Denial-of-Service (DDoS) events.

“The idea is really to both embarrass the hosts and the host countries of the game, show unpreparedness, get everybody on edge, and then also to push these individual ideologies and viewpoints to get that into the open,” Russo said. “The bad guys really like these huge events like [the] Olympics because they have a lot of coverage built in right now.”

The cost of Olympic security. In July, the International Olympic Committee sought interest from service providers who could provide software solutions for data management, cybersecurity and IT, along with experience in multi-sports events projects and more for the upcoming games.

Russo advised IT pros whose companies might be servicing some aspect of the Olympics to understand the associated risks, and ensure all the organization’s stakeholders understand the cost of mitigating such risks properly.

Peter Evans, the CEO and member of the board of directors for Xtract One Technologies, pointed out that cybersecurity diligence extends far beyond the games themselves.

“Good health is something that we should be doing as part of our life. Good cybersecurity resiliency is something that every company should be doing all the time,” Evans said.

Organizations should have the right security budget and best practices in place, because eventually cybersecurity pros will face an event of some kind, whether it’s the Olympics or a major cybersecurity threat or something else entirely, Evans said.

From outside the house. Enterprises should understand the benefits of leveraging experience to harden their cyber-defenses, even if it’s coming from outside of the organization, according to Russo.

“Don’t try to do it yourself,” Russo said. “This is where you bring in folks—you work with partners, you work with other organizations that have experience in this area to help you strengthen your own defense and to make sure you’re ready. Reviewing what you have, planning for the future, and helping you get the things that really make sense in your overall security maturity program.”

The International Olympic Committee did not respond in time to a request for comment.