Presented by Cisco
Defending Super Bowl LIX and all high-profile National Football League (NFL) events from adversarial attacks that potentially include weaponized AI, endpoint attacks, deepfakes, and finely tuned social engineering skills requires experienced, battle-tested capabilities and solid leadership.
Tomás Maldonado, the NFL’s chief information security officer (CISO), is up for the challenge.
Under his direction, the league’s cybersecurity team safeguards 32 franchises, 30 stadiums, and marquee events, including Super Bowl LIX. Beyond the field, Maldonado’s group secures related business ventures owned by NFL stakeholders — protecting fan safety, ensuring in-game continuity and keeping the NFL’s brand uncompromised.
Maldonado brings more than 23 years of experience. He served as CISO at International Flavors & Fragrances, held an executive director/CISO role at JPMorgan Chase’s corporate sector, worked as vice president of technology risk management at Goldman Sachs and was a network security officer at Schroders. He credits this range of roles for building his “battle-tested” capabilities.
In a recent discussion with VentureBeat, Maldonado outlined how the NFL integrates cyber and physical security, collaborating with agencies such as the FBI and Secret Service for SEAR 1-designated national special security events like Super Bowl LIX. While the NFL’s scale is immense, he believes its methods can guide any security leader.
Top 10 strategies from the NFL’s cybersecurity playbook
Below are 10 strategies he and his team follow, applicable to organizations of all sizes.
1. Invest in strong, year-round preparation
“When it’s all said and done, it should be boring from a cyber standpoint but exciting on the field.”
Major NFL events, including Super Bowl LIX, require security planning 12 to 18 months in advance. The league partners with federal agencies, local law enforcement and technology providers long before game day.
“We treat it like a complex puzzle,” Maldonado says. “When it’s all said and done, it should be boring from a cyber standpoint but exciting on the field.”
During the offseason, his team conducts tabletop exercises to define each stakeholder’s crisis role. By building tight coordination early, the NFL can swiftly scale defensive measures once the season starts or as the Super Bowl nears.
2. Maintain a dynamic CIA triad
Confidentiality, integrity and availability (CIA) form the NFL’s foundation, but Maldonado’s team adjusts priorities. Ticketing data and credentials need strong confidentiality and integrity leading up to a major game. “Right before the game, fans need secure tickets that aren’t duplicated,” Maldonado notes.
Once the game begins, the availability aspect of the NFL’s CIA triad strategy dominates. Stadium operations, broadcast feeds and streaming services must stay online so fans can watch without interruption. This flexibility helps the NFL adapt to changing conditions.
3. Embrace cyber-physical convergence
Digital breaches can have physical consequences. A hacked scoreboard, compromised elevator or targeted social media threat may cause chaos in a packed venue. “A cyber incident could trickle down into health and safety issues,” Maldonado says. He works closely with the NFL’s physical security department, safeguarding stadium infrastructure from video boards to escalators. Other industries should similarly view cyber and physical security as one continuum.
4. Collaborate early and often with diverse stakeholders
The NFL brings together 32 franchises, numerous agencies and diverse business interests. Maldonado underscores that patient communication fosters trust. “Because we’re all focused on fan safety and a smooth event, we almost immediately find common ground,” he says. He tailors his message for owners, local officials and federal agencies, highlighting how cybersecurity benefits business continuity and fan experiences alike.
5. Rely on real-time threat intelligence
“We definitely lean on our partners, specifically Cisco, to help us get that intelligence information, get that real-time data around what we’re seeing and those threats we’re facing.”
During games, Maldonado’s team continuously monitors network traffic, ticketing systems and social platforms. They act quickly on suspicious indicators.
“It’s almost like we’re playing a game with adversaries while the real game is on the field,” Maldonado explains. “We definitely lean on our partners, specifically Cisco, to help us get that intelligence information, get that real-time data around what we’re seeing and those threats we’re facing so that we can pivot and make those decisions around blocking or tackling, or delaying appropriately, but with credible information at the time when we need it.”
6. Keep the fan experience frictionless
NFL security aims to remain invisible unless necessary. Minimal checkpoints and streamlined ticketing help fans move freely. “We introduce friction where it’s necessary,” Maldonado says. “You can’t eliminate it all, but we try to keep the fan experience smooth.”
Monitoring runs in the background, surfacing overt measures only when alerts spike. Fan data is also protected, keeping everyday transactions hassle-free.
7. Prioritize risk in real time
With staff devices and venue networks in play, the NFL faces vast attack surfaces. Maldonado’s team manages risks by focusing on critical assets as events approach. “We’re very focused on critical assets as game day nears,” he says. Ticketing systems and broadcast feeds typically receive extra protection first, minimizing downtime — especially important for the Super Bowl’s massive global audience.
8. Cultivate and continuously pursue adaptive resilience
The NFL’s operations span continents. Games in Europe or Mexico — and sudden pivots like an entirely virtual draft — demand flexibility. “Whether we’re in Europe or playing in Mexico, we make sure our security standards don’t drop,” Maldonado says. His team navigates local regulations, foreign ISPs and unexpected challenges, underscoring the importance of processes that quickly adapt to new threats or protocols.
9. Leverage AI as a force multiplier
Maldonado sees AI as central to the NFL’s future. AI accelerates incident response, pieces together scattered data and spots anomalies at scale. “These technologies challenge our controls but also give us new opportunities,” he says. AI-driven automation can lighten the load for analysts, reduce reaction times and improve both security and fan engagement. Other organizations can benefit from similar initiatives.
10. Commit to continuous learning
“We do so many tabletop exercises that, when something does happen, we already have a plan.”
No two NFL events are the same, so Maldonado’s team learns from each one. After-action reviews identify missed threats or areas to refine, feeding improvements into future playbooks.
“We do so many tabletop exercises that, when something does happen, we already have a plan,” Maldonado says. Regular briefings keep owners and executives engaged, reinforcing a shared focus on emerging risks. This cycle helps the league adapt quickly to a fluid threat environment.
Inside the Super Bowl security mindset
“Because we’re all focused on the same objective — fan safety and a great event — the coordination is almost immediate,” Maldonado says.
Months of scenario planning ensure each stakeholder knows their role under pressure. On game day, availability is paramount — network failures aren’t an option with millions of viewers watching. Confidentiality and integrity also remain crucial, protecting tickets, credentials and sensitive communication.
If everything appears smooth, it usually means security teams have neutralized threats quietly. Maldonado values “invisibility”: Fans should never feel the tension of behind-the-scenes defense.
The high-stakes challenge of game day defense
“There are rules for football but in cybersecurity, we push boundaries. We don’t play fair with adversaries.”
Securing the Super Bowl can feel like playing two games at once: the famous one on the field and a defensive cyber contest behind the scenes. “There are rules for football,” Maldonado notes, “but in cybersecurity, we push boundaries. We don’t play fair with adversaries.”
His team distinguishes benign anomalies from real attacks in minutes or seconds. Real-time intelligence from partners like Cisco guides swift decisions — blocking malicious traffic or isolating compromised systems on the spot.
Looking ahead: AI, new threats and championship-level execution
Maldonado expects threats to keep evolving. AI-powered attacks, deepfakes and ingenious social engineering could target players, coaches or league infrastructure. A single deepfake might erode trust or disrupt operations. “We see these as opportunities to grow,” he says.
By refining its dynamic CIA approach, forging strong alliances and preserving risk-based prioritization, the NFL readies itself for emerging threats. Maldonado views AI and automation as force multipliers for detecting intrusions and managing them in real time.
These methods also apply to smaller NFL events or local fan meetups. Different cities bring unique regulations, but the fundamentals — preparation, collaboration, agility — remain the same.
Conclusion: A playbook for any sector
Robust cybersecurity often goes unnoticed. “When our security is invisible,” Maldonado says, “that’s a win — because fans can simply enjoy the game.”
Behind the scenes, the NFL’s security framework continually monitors threats and works with law enforcement to stay flexible. Leaders elsewhere can learn from this: Plan early, unite key players and refine defenses constantly. As cyber and physical realms merge, speed, coordination and foresight become vital.
”I spent a lot of time with our good partners at Cisco to design the solution that we have for the big event. Now we’ve also modeled that for our international games, and we’re starting to move that internationally as well. That resilience piece I talk about — cybersecurity has moved past the standard ‘No.’ Blocking everything is unrealistic. You need to be resilient,” advises Maldonado.
By merging technology, physical oversight and human vigilance, the NFL stays a step ahead of those eyeing its “digital end zones.” Maldonado’s approach — long-range planning, real-time awareness, agile partnerships and relentless learning — is a model any organization can follow. Whether you’re safeguarding data centers, global events or local gatherings, the strategy is the same: Protect core assets, practice constantly and never get complacent.
When security remains behind the curtain, it reflects steadfast leadership, skilled teams and ceaseless diligence — the same qualities Maldonado brings to the NFL’s dynamic digital battlefield.
Sponsored articles are content produced by a company that is either paying for the post or has a business relationship with VentureBeat, and they’re always clearly marked. For more information, contact sales@venturebeat.com.
