Case Study: Modernizing Cybersecurity at the Sydney Opera House

The Sydney Opera House is one of the world’s busiest performing arts centers and Australia’s number one tourist destination. On the Opera House’s 40th anniversary, it engaged VMtech and Cylance to modernize its IT server and network infrastructure, as well as information management, privacy, and cybersecurity.

The Organization

Each year, the Sydney Opera House attracts more than 8.2 million visitors onsite and stages more than 2,000 performances attended by over 1.5 million people.

Since opening its doors in 1973, the Opera House has become the symbol of modern Australia and the country’s premier tourist destination, with an iconic or national-identity value that Deloitte Access Economics has estimated at $4.6 billion.

On the Opera House’s 40th anniversary, it embarked on a Decade of Renewal, a series of projects to prepare the Opera House for future generations of artists, audiences and visitors. Renewal isn’t just about the building and the arts; it’s also about renewing technology and systems. This enabled the Opera House to engage VMtech and Cylance to modernize its IT server and network infrastructure, as well as information management, privacy, and cybersecurity.

The Situation

As Head of Infrastructure and Information at the Opera House, Garry Wordsworth is responsible for the building’s information technology and networking operations. This includes the IT server and network infrastructure, information management, privacy, cybersecurity and a variety of physical security and building management functions. 

According to Wordsworth:

“We recognized that our signature-based defenses were no longer providing us with the systems and services we required. When it came time to renew our technology and endpoint security systems, we were interested in learning more about Cylance’s artificial intelligence and math-based approach to endpoint protection. After much testing and collaboration, we had the confidence to engage VMtech as the service provider and choose Cylance as our preferred supplier to implement next-generation endpoint security.”

The Process

“Cylance was subject to an extensive tender process along with other leading vendors, as part of the Opera House’s procurement process,” said VMtech Account Manager, Connor Lavy. The Opera House team crafted a detailed test plan that began with the installation of each product’s management console and agent software. Next, the Opera House team exposed each product to a suite of malware and custom exploits and collected statistical measures to determine the products’ accuracy and effectiveness.

Each product was then ranked based on criteria including:

•       The level of granularity possible in defining endpoint security policies
•       Capabilities for whitelisting and blacklisting selected devices, applications, and script
•       Whether - and how frequently - signature and model updates were required
•       The extent to which each product’s data access and storage methods complied with the government’s data privacy and data sovereignty requirements.
•       Their overall effectiveness in preventing the execution of advanced malware, malicious scripts and both fileless and file-based attacks.

At the end of the testing phase, CylancePROTECT® emerged as the preferred solution. According to Wordsworth:

“There were a number of reasons we decided to go with CylancePROTECT as our preferred solution. First, CylancePROTECT was the only one that detected and blocked every test. This was an impressive performance. Secondly, CylancePROTECT security policies proved to be extremely granular. For example, we were able to restrict the right to run scripts to members of our IT department only.”

CylancePROTECT’s unique architecture incorporates extensive features for ensuring customer and data privacy. For example, CylancePROTECT does not require customers to constantly stream data to the cloud or rely on Internet connectivity for protection. This was important to the Opera House as they wanted to ensure private customer information would always remain within their internal network environment.

In addition, since CylancePROTECT’s management interface is hosted on Amazon Web Services servers in Sydney, the Opera House was able to adopt a SaaS platform.

The Results

Since being deployed, CylancePROTECT has demonstrated its effectiveness in preventing both fileless and file-based attacks. According to the Opera House’s Wordsworth:

“Recently, a DLL injection trojan caused havoc at some of the world’s largest organizations. We too were targeted by this DLL injection; however, CylancePROTECT blocked it instantly. When we checked VirusTotal.com, as we do frequently, we discovered that our legacy defenses would have failed us. The recovery and remediation tasks alone would have cost us valuable time, effort, and productivity. We’re confident in CylancePROTECT’s ability to prevent incoming attacks like these.”

Wordsworth also appreciates how quietly CylancePROTECT’s agent software runs in the background and that installs or updates don’t require reboots:

“That makes our end-users happy and frees up our data center staff from having to reboot servers when updates are released. We’ve also seen a drastic decrease in the quantity of false positives we have to investigate. When you’re managing a complex infrastructure like ours, efficiency improvements like these really matter.”

Now that the Opera House’s endpoint protection strategy is solidly in place, Wordsworth is planning additional enhancements to its security infrastructure:

“We will continue working closely with VMtech to maintain, upgrade, and improve our systems,” Wordsworth said.

Read and download the full Case Study HERE (PDF)