Interview: Gary Foote, CIO, Haas F1 Team — Report

The motor racing industry is one that is well-known for being exciting and adrenaline-fuelled. The category of Formula One (F1) is the highest class of single-seater auto racing sanctioned, with F1 cars the fastest regulated road-course racing cars in the world.

F1 racing is considered one of the most popular and highly-followed sports in the world, with annual seasons consisting of a series of races known as the Grands Prix, which take place across the globe, attracting billions of viewers internationally.

However, perhaps less-commonly recognized are the various information security risks and challenges that impact F1 and the wider motor racing industry. Well, one man who is particularly well-versed in this area is Gary Foote, chief information officer at Haas F1 Team.

Haas F1 Team is an American licensed F1 racing team established by Gene Haas in 2014 and one of the regular competing teams in F1 racing.

Infosecurity spoke with Foote to learn more about the information implications for his team, F1 racing and the wider motor sport industry.

How important is information security within the motor sport industry?

Keeping our systems secure is absolutely critical in motor sport. F1 is a highly data rich sport, which means there is a lot to be protected. Cars have hundreds of sensors measuring every aspect of the car’s internal status and track performance, which generates hundreds of gigabytes of data over the course of a race weekend. As well as this, there is also data from aerodynamic testing, race simulations and video analytics of pit stops, which are all highly sensitive, not to mention core business data such as financial and personnel information.

What are the cyber-risks that threaten F1 racing?

F1 faces a relatively unique challenge in that data is being transferred globally, between many different partners. You have the team’s headquarters, the race team at the track which can be anywhere in the world, and finally – for Haas specifically – we have bases in the UK, US and Italy where data flows between. It is a vast network to manage, and as such we need to have the right tools to help protect ourselves. We need complimentary layers of security that ensures data is protected, whilst also allowing our staff to do their jobs without any inconvenience.

How do cyber-criminals and fraudsters target the motor racing industry, and to what effect?

F1 is a global sport and is highly reliant on technology. This offers up a lucrative target for cyber-criminals to cause disruption. With so much data being transferred around the globe, there is a risk that criminals may try and intercept sensitive information or leverage the platform for criminal activity.

When we introduced DNS monitoring, we further bolstered our wider layered strategy, which is under constant review. Nominet’s NTX solution is integral to that strategy.

What are the key requirements for ensuring the motor sport sector is kept secure?

Having such a global operation throws up additional security issues and it’s important to test security systems before rolling them out in remote locations. F1 is a very unique environment and changes must be managed carefully, as they have the potential to severely hamper teams from doing their job well.

Having a layered approach to security also ensures that you have maximum visibility and protection. With both the threat and security landscape continuously changing, it is essential to always consider and assess the new tools and strategies that emerge.

Source: Info Security