There’s now a cybersecurity organization dedicated to U.S. sports

In 1984, during the Summer Olympics hosted in Los Angeles, Calif., Soviet athletes boycotted the games. Just four years prior, shortly following the Soviet invasion of Afghanistan, U.S. athletes did the same when it was Moscow’s turn to host the summer games. Today, it appears that some contemporary protests may have taken the form of a cyberattack; as Russia has been blamed for hacking into the World Anti-Doping Agency, or WADA, and doxing several prominent american athletes.
(Keith Allison / Flickr)

From Russian-affiliated hackers taking health information from the World Anti-Doping Agency and doxing several prominent U.S. athletes, to a former Major League Baseball scouting director breaking into an opposing team’s data records, to a NBA basketball team falling victim to a phishing scam, cybersecurity is becoming an increasing worry for high-profile sports organizations.

With leagues, athletes and team franchises increasingly turning to technology — be it social media, virtual reality, big data or mobile apps — for strategy or business growth, hackers are also beginning to see the value of that data, explained Doug DePeppe, cofounder of the Cyber Resilience Institute, during a phone interview.

DePeppe’s small team has established one of the first information sharing and analysis organizations, or ISAOs, solely dedicated to sports. The ISAO will work to monitor, report and respond to cyberattacks specifically aimed at sports-related digital assets, along with feeding threat information to professional, college and high school sports organizations.

Based in Colorado Springs, Colo., the “Sports ISAO” recently worked to support the United States Olympic Committee at Summer Olympics in Rio De Janeiro.  As part of this effort, the ISAO had several core responsibilities, including threat analysis and reviewing malicious social media activity in tandem with federal partners.

Sports ISAO

Sports ISAO

The professional sports market in North America is expected to be worth $73.5 billion by 2019, according to a 2015 PricewaterhouseCoopers report. A significant percentage of future revenue growth will be derived from “new media” opportunities, the report details, especially those that leverage the internet for distribution. In the future, DePeppe believes that there will be a palpable demand from these organizations for tailored threat intelligence and response services.

In recent weeks, the Sports ISAO has engaged in a series of partnership conversations with “major” sports organizations, said DePeppe, who described his ISAO as a hybrid non-profit that closely collaborates with a cohort of security, legal and advocacy organizations that in turn provide different operational capabilities.

The group relies on products and services rendered from for-profit companies like IT contractor Colsa Corporation, threat intelligence platform developer ThreatConnect and internet sensor firm FarSight Security. The Cyber Resilience Institute and DePeppe’s own cyberlaw and interdisciplinary advisory firm, Eosedge Legal, are also involved.

Beyond the private sector, the Sports ISAO has worked to integrate cyberthreat intelligence feeds that come from the Department of Homeland Security.


“We are starting to have a dialogue with DHS about mission space as it relates to critical infrastructure, sporting events and where we can align,” DePeppe said.

A growth in the presence and impact of ISAOs across the U.S. stems from a 2015 executive order to encourage the creation of intel-sharing groups over the next 10 to 15 years that are dedicated to specific communities.

As for staffing the Sports ISAO, DePeppe explained that he hopes to develop talent from the community by hiring interns directly out of college and high school. He hopes that doing so will offer an active learning experience that will ultimately result in a more talented cybersecurity workforce.

The Sports ISAO is expected to launch in a full operating capacity either later this year or early 2017.

To contact the reporter on this story: send an email or follow him on Twitter at @Bing_Chris. Subscribe to CyberScoop to get all the cybersecurity news you need in your inbox every day at

Chris Bing

Written by Chris Bing

Christopher J. Bing is a cybersecurity reporter for CyberScoop. He has written about security, technology and policy for the American City Business Journals, DC Inno, International Policy Digest and The Daily Caller. Chris became interested in journalism as a result of growing up in Venezuela and watching the country shift from a democracy to a dictatorship between 1991 and 2009. Chris is an alumnus of St. Marys College of Maryland, a small liberal arts school based in Southern Maryland. He's a fan of Premier League football, authentic Laotian food and his dog, Sam.

Latest Podcasts