The company
Creating the best sports and live event experiences for Canada’s capital city may sound like a daunting goal—but the Ottawa Sports and Entertainment Group (OSEG) makes it look easy.
Headquartered at the TD Place stadium and arena complex at Lansdowne Park, OSEG may be best known for owning and operating the Canadian Football League’s REDBLACKS and the Ontario Hockey League’s Ottawa 67s. Through a partnership formed with the city of Ottawa to transform the area, OSEG also manages and operates all of the facilities at Lansdowne Park— which include a live, work, and play district with a 40-acre park.
Pete Chamberlin, Director of IT, joined OSEG in 2014 when the development was under construction. Today, Pete and his staff of four manage IT and cybersecurity for 85 team members, including coaches and staff. Since COVID-19 lockdowns, 90% of employees are still working remotely.
“The pandemic presented us challenges, but the upside was we already had the remote infrastructure in place,” he says. “Our top priority is following the best cybersecurity practices to support flexible work as well as plan for the return to offices."
The challenge
After a ransomware incident several years ago, Pete realized he needed a much better view across everything that was happening in his network.
“When we experienced the ransomware attack, I could see the signs that something was wrong—our network drives were locked up and I noticed increased traffic to our email server and a volume of emails being sent. But it was tough to pinpoint exactly what it was or know the steps to take to stop it,” he explains. “It took us hours to find the infected machine.”
For Pete, it was a wakeup call. While OSEG’s network perimeter was protected through a firewall and there was backup and recovery services in place, he lacked comprehensive cybersecurity.
He needed the technology, tools, and support that would provide the visibility to stay ahead of cyber threats and other risks. “We’re not cybersecurity experts and really had no way to recognize suspicious activity early enough or even understand the right actions to defend against an active cyberattack,” Pete adds.
The solution
As Pete started to investigate his options for cybersecurity support, he connected with the team at Field Effect. As a global cybersecurity company, Field Effect specializes in managed threat detection and response (MDR) for small and mid-sized businesses (SMBs).
His meeting with Field Effect proved valuable—and convenient: Field Effect is also headquartered at Lansdowne Park and its team includes some of the best talents in cybersecurity.
After seeing a demo of Field Effect MDR, Pete was sold. “Once we started using Field Effect MDR, the difference was immediate,” he says. “We finally had a complete picture of our network activity and could see the data being collected from events across our IT infrastructure. I remember seeing security vulnerabilities on 15 of our computers—only now we could understand and address the issues.”
In contrast to other threat monitoring solutions, Field Effect MDR takes a holistic approach to cybersecurity by providing a complete monitoring, detection, and response solution. This includes protection for every aspect of a company’s threat surface—networks, endpoints, cloud services, and more. From one easy-to-use platform, Field Effect MDR monitors and detects threats across the entire IT environment and provides the analysis as actionable alerting and reporting to speed response and remediation.
Field Effect MDR’s threat reports are provided as Actions, Recommendations, and Observations (AROs), designed to filter all the complexity that it generates into relevant information that provides a clear path to resolve vulnerabilities or issues.
“The AROs tell me exactly what I need to know,” explains Pete. “The reality is, I don’t need to know how the threat behaves or works. I also lack the time to read details about every potential threat. I just need to know what is urgent and that there are cybersecurity experts by my side identifying and recommending the best actions to take.”
Another aspect where Field Effect MDR shines is identifying vulnerabilities in software or outdated versions.
As Pete explains, OSEG employees are not in a locked down environment with restrictive usage rights—they can access and install the software they need. “While this enables users more flexibility and definitely saves us time managing requests, it introduces risk as we can’t expect people to be diligent about doing updates.” Field Effect MDR has effectively eliminated this risk.
”We don’t always have the time to track all software vulnerabilities, patches, or new versions of software needed. We manage this for Microsoft products, but our users can have a wide range of applications and software,” he says. “For example, with the move to remote work, we’re using more video conferencing applications. In the past year, if someone downloaded and installed Zoom and there was a vulnerability, we wouldn’t know in advance.”
“This is where Field Effect MDR provides a big advantage. Using Field Effect MDR, we now have that insight and can manage the patch or the update.”
The results
If you ask Pete about OSEG’s cybersecurity today, the organization now has visibility to its threats and has significantly improved its defense.
“We couldn’t do this on our own,” he says. “Now we rely on Field Effect MDR and their team to continually identify and define our risks, alert us to priorities, and provide the recommendations. This keeps our security on track and results in major efficiencies and peace of mind.”
Pete estimates he has realized a 90% time savings when there is a potential incident. “Field Effect MDR’s data collection and reporting are outstanding. You know in a minute if there is an urgent issue and what is needed. This has cut hours, and even days, from our work week.”
Pete has also improved his patch management process by 100% and experienced a 70% time savings overall with this. “We’re identifying vulnerabilities and managing patches and updates much more quickly.”
“Most people think that if you sign up with a cybersecurity company, you’re automatically protected,” he adds. “But you need to ensure this results in the technology and capabilities to see what’s happening across your network and understand the best course of action to take. That’s where Field Effect MDR comes in—it not only keeps us protected, it provides the critical insights we need.”
