Rich Energy Haas F1 Team is using machine-learning security technology to analyse external threats and eliminate malware, phishing and data theft from its networks.
Big Data plays a crucial role in the fast-paced sport of Formula 1 motor racing, helping teams to monitor and then improve performance with the aim of gaining a competitive advantage on the track. Haas F1 has deployed Nominet's NTX cybersecurity technology to keep its networks and its data safe and secure.
The NTXsecure platform analyses domain name system (DNS) traffic to predict, detect and block threats from the network before they cause harm. NTX uses machine-learning technology to analyse and apply policy to potentially billions of queries automatically. Gary Foote, CIO at Haas F1, says Nominet represents a key layer in the team’s security strategy, helping to automate time-intensive security processes and raise potential concerns quickly:
It's a service they provide and they're doing the legwork for me. They're using clever algorithms and people to sift through all the mountains of data that come out of all of our sites across the world. The output of that analysis is either blocking certain traffic that they know is bad or they highlight potential issues to us. We’ve got to keep adding layers and complimenting products, making sure that we’re covering ourselves against what are ultimately very clever people who are up to no good.
Haas F1 is a globally-dispersed business, with offices in the UK and Italy, a sister racing team – Stewart-Haas Racing – in the United states, and a mobile organisation that travels the world fulfilling race-day operations and obligations. Data moves frequently between these locations. While much of that traffic is legitimate, Foote doesn’t want staff to become too complacent – and this is where Nominet’s technology plays a key role:
DNS is hugely important to every F1 team, especially us given all our data movement, but also it’s almost a bit too trusted – people can take DNS for granted. DNS traffic has an ability to filter through the various layers of security technology, be that anti-malware, anti-virus or firewalls, especially when those products haven’t yet worked out what’s going on in terms of data movement. Given the monstrous amount of data that they churn through in their business, Nominet has a great insight into what looks bad and what’s perfectly good. Having that extra set of eyes on a set of data is a really strong layer to add to our security strategy.
That level of protection is crucial because Foote is keen to avoid IT becoming a blocker rather than an enabler. He says the proactive approach of Nominet’s NTX technology helps ensure people in the business can work how they want, without putting the team’s data at risk:
USB sticks can potentially provide an easy way into your enterprise, but if I stop our people using those tools, it could prevent a lot of people from doing their jobs. What I actually want to do is to put in technology that allows people to do what they want to do but which is also protecting the company, the intellectual property and the data in the background. Each piece of IT that we implement has to fit that remit.
The NTX technology was used for the first time at the Azerbaijan Grand Prix at the end of April. Foote says the selection process was driven by going to market and seeing who was able to offer services that could help improve the team’s security strategy:
When we started talking to Nominet, and when we started concentrating specifically on DNS, it meant we didn’t need to talk to anyone else in detail because I was completely convinced by the technology they produce and their history. I didn’t have to reach out to the wider market because Nominet had a product I wanted.
Foote says Haas F1 has to work closely with trusted partners to make the most of the firm’s resources. The team has a smaller budget than its manufacturer-backed rivals and it also has a low head count of about 190 people. Foote says Haas F1 will always work closely with outsourcing partners, whether that means with Ferrari for engines, Dallara for carbon parts, or Nominet for security:
We prefer to look for experts in their field – we’ll talk to suppliers and focus on firms that are the best at what they do. We’d be fools to try and do that in house. We’re very careful about how we engage with those partners, of course – and if we feel there’s a strategic advantage, then we make sure that’s protected. But, more often than not, there’s great companies making great technology and, if we can use that, then we should do. I’d always favour that approach over establishing internal expertise in a given field.
Foote is already seeing the benefits of the new working relationship. He runs a bi-weekly forum, where he sits down with his security head in the US and goes through the Nominet reports. Foote says quite a lot ends up being legitimate traffic, but it also shows where red flags might be real – and that’s where the reports help sponsor a proactive approach:
The last few reports have shown more increases in terms of potential vulnerabilities on mobile devices. That’s an eye opener for us because we run a BYOD policy and have less corporate governance on mobile devices. We allow staff to pick their own devices and we then put a wrapper around them. Seeing some of the Android exploits coming up allows us to take action. Nominet allows us to sift through vast quantities of information and bring it down to the bits that I need to look at.
Crucially, Foote expects the relationship to produce new benefits in the future. He is working closely with Nominet and is helping to shape the long-term shape of the service:
They’ve asked us to provide feedback in terms of how we can work on their product, so that they can build those features in – and that’s hugely lucky for us because we know that the product’s going to evolve with us. It’s working today and it’s going to be even better tomorrow.