What would happen if a cyber-attack hit a large convention center during the opening general session of a premier citywide event, shutting down building electrical and HVAC systems in the middle of winter? This was the scenario presented to participants in Operation Janus, a Cyber Security Tabletop Exercise hosted by the Massachusetts Convention Center Authority (MCCA) on December 1, 2021, with the goal of training and educating the Boston large venue community.
In 2019, the MCCA applied for and received a Department of Homeland Security grant to undertake a Tabletop Exercise (TTX) to explore a cyber security incident at a large venue. Due to the impact of COVID, the exercise was put on hold until it could be hosted in person. Participants in the exercise included Federal Bureau of Investigations, Department of Homeland Security, Executive Office of Public Safety and Security, Executive Office of Technology Services & Security, the Boston Police Department, Boston Fire Department, Massachusetts State Police, Massachusetts Port Authority, Massachusetts Emergency Management Agency, Commonwealth Large Venue Task Force, and MCCA staff.
Goals of the TTX were to:
- Examine the cyber security capabilities of a large venue within the Commonwealth of Massachusetts and establish key planning, preparedness, response, and recovery functions.
- Incorporate Federal, State and Local partner agency roles, resources, and response into the cyber incident.
- Develop an After-Action Report for lessons learned.
- Develop a Cyber Security Incident Response Plan template to share with our industry partners at other large venues to benefit others throughout the country.
During the TTX, a moderator presented a fictional scenario to “Players” (active participants in the exercise), who were then asked to work through what they would do if an event at the BCEC was interrupted by a cyber-attack. TTX Players worked cooperatively during the exercise to address the wide range of issues that arise with the complexities of a cyber incident, both associated with the cyber incident itself and with management of the consequences.
The TTX lasted a full day and was held in one of the BCEC’s largest meeting rooms. The front of the room was set as the Player Area, while observers sat on the perimeter and were given the opportunity to provide input. Players included the MCCA Executive Team, Event Management (with Transportation, Public Safety, Exhibitor and Guest Services), Engineering & Maintenance, IT Services and Public Authorities representing the city, state, and federal government.
One of the primary takeaways from the TTX was the value of having a Cyber Incident Response Plan, which serves as a framework for how to deal with a cyber incident and includes preventative measures to protect a network before an incident can occur. Because the MCCA has an internal Cyber Incident Response Plan in place, the TTX provided an opportunity to test the plan in a safe environment, find weaknesses, and train MCCA teams.
Additionally, the exercise brought to light the importance of resource management, especially if an incident stretches into a longer period. Organizations need to know what outside resources are available to step in and help.
The MCCA is continually working to foster its relationship with public authorities to ensure a timely response to any type of emergency. Additionally, the MCCA’s work with the Massachusetts Large Venue Partnership, a panel of security experts developing recommendations to bolster safety and security at large venues statewide, has been an invaluable resource for sharing knowledge and providing support.
“Creating and maintaining a secure network environment requires constant vigilance and a commitment to investment and training to keep up with an always evolving technological environment,” said David Gibbons, Executive Director of the MCCA. “The ability to keep the lines of communication open internally and with our public and industry partners through training and education is key to thwarting cyberattacks against the Authority and our customers.”
MCCA’s Chief Information Security Officer, Rob Noonan, expressed similar sentiments: “Safety and security is always at the forefront of the MCCA and as the security threats have evolved, so does the need to prepare for what the future may hold. Through our constant focus on training and exercises in all areas of safety and security including Cybersecurity our hope is that we will be ready and not have to get ready. “
The Boston Convention & Exhibition Center is the first convention center in the United States to be Safety Act Certified by the Department of Homeland Security. Our Public Safety Team offers a wide range of complimentary and value-added services to support your event and will work with you to create a comprehensive public safety plan for your event at the BCEC or the Hynes.
If you would like to learn more about Operation Janus or the MCCA’s Cyber Security Response Plan, contact Rob Noonan, Chief Information Security Officer, at rnoonan@SignatureBoston.com.