Simon Whitburn
Senior Vice President Cyber Security Services
The Rich Energy Haas F1 Team is no different to any other business in trying to keep data and systems safe from cyber threats. Although they do face specific challenges due to the nature of the sport, fundamentally they are a business and therefore have parallels with any manufacturing organisation.
Fluid business
Haas F1 is a global, almost virtual business. The organisation has headquarters in North Carolina, USA, an operations centre in England and two sub-offices in Italy. There are many partners around the world including Ferrari, Pirelli and car designer Dallara. But the team must also constantly set up new, temporary operations centres throughout the year, at Grand Prix circuits and test sessions.
Coupled to this, the organisation’s core strategy is to look at outsourcing as a way to bring in industry expertise and keep in-house teams lean and efficient. This makes managing data between multiple locations and vendors vital to the success of the F1 team – it’s a very different approach to more traditional entrants.
All this means that Gary Foote, the team’s Chief Information Officer, must protect a huge data movement pattern.
As a target for cyber breaches, an F1 team has a lot to protect. Instinctively you think about intellectual property and performance data, getting into the hands of another F1 team, but in reality, a breach like this is extremely unlikely. A bigger concern is organisational data, such as payroll or financial information, which would be damaging if publicised. All the teams are also well aware that the global platform of F1 is attractive to hacktivists and mischief makers.
“Business data can have catastrophic effects if it’s made public,” said Gary. “We’re all representing brands, the manufacturers, all the partners the teams have, we’re representing them. So we have a duty of care to those organisations.”
Unobtrusive protection
As a new entrant to the market, and a disrupter to the sport, Haas F1 is keen to continue this vision into their work environment, ensuring they have a dynamic approach to their IT solutions including staff utilising their own devices.
“We’ve got to protect our workforce,” Gary said, “we operate a ‘bring-your-own-device’ policy as an enabler for business, allowing people to use their personal devices but in a corporate environment.
With all of this in mind, the Haas F1 Team has recently added Nominet’s NTX to their security portfolio – a cyber security solution that uses unique, advanced DNS analytics and machine learning to predict, detect and block threats from networks before any harm is done.
“A key part of the Haas model is that we outsource expertise and the engineers at Nominet are experts in their field,” Gary said. “They’re able to look at the data that’s coming from our network through their platform, and provide us with results that we can understand.”
Immediate value add
Right from the start, NTX proved its mettle. An organisation like Haas F1 of course already has a mature security stack but even so, they were impressed.
“We were pleasantly surprised by the results of only a month or so of NTX operation and it clearly validated our decision to add DNS-based protection to the heart of our network,” Gary said. “NTX found vulnerabilities that we weren’t aware of, and evidence of android malware that had managed to get on to some personal devices. It’s already proved its value to us.”
“We knew that although DNS is crucial for network operations, it is also used by most of the malware out there right now,” he added. “It’s my duty to make sure we’re continuously improving our protection and the next step was to use DNS for protection instead of allowing it to be a liability.”
Protecting your business
Doesn’t your business deserve robust cyber protection? Find out more about how you can benefit from the same level of protection as one of F1’s most innovative teams.