Which NFL Teams Have the Best Cyber Defense?

With football season just around the corner, we at Panorays decided to test the strength of NFL teams’ cyber defenses.

We did this by simulating a hacker’s view to uncover cyber gaps on NFL team websites and digital assets. Above all, we wanted to know: Would there be any correlation between how teams played on the field and how their websites withstood cyberattacks?

The results are in, and we have some surprising predictions for the upcoming season. And as part of our motivation for this research, we aim at winning an Ig Nobel prize!

Cyber Defense vs. Football Defense

Cyber Defense vs. Football Defense“We will keep our ports closed and you will have your certificates trusted!”

Surprisingly, some teams excel at cyber defense more than defense on the field.

Team Panorays Cybersecurity Rating NFL Standing
Kansas City Chiefs #1 #10
New York Jets #2 #27
Miami Dolphins #3 #22
Los Angeles Rams #4 #6
Pittsburgh Steelers #5 #4

Take, for example, the New York Jets and the Miami Dolphins. These two teams were not that successful last year during football season, but their security posture is quite good compared to the other teams. The Jets ranked #2 on Panorays, compared to #27 in the season, and the Dolphins ranked #3 for cyber posture, compared to #22 during the season.

Is it possible that they are focusing on cybersecurity more than football?

Miami Dolphins focusing on cybersecurity

“If you find a flash drive outside the Dolphins offices, don’t plug it into our computers and servers!”

In fact, overall we found that there was no correlation between NFL standings and teams’ cyber posture. This can be seen in the graph below, where we mapped the top 10 teams with the highest Panorays cyber rating and their standings in the NFL:

Top 10 teams with highest Panorays cyber rating

Undeterred, we continued with our research to uncover some sort of pattern.

The Role of Revenue, Size and Digital Assets

We hypothesized that the teams with the largest franchises and highest revenues would likely invest more in cybersecurity. But as indicated on the chart below, this was not necessarily the case.

Team Panorays Cybersecurity Rating Franchise Ranking 2016 Revenues Ranking
Kansas City Chiefs #1 #24 #25
New York Jets #2 #9 #7
Miami Dolphins #3 #12 #19
Los Angeles Rams #4 #6 #20
Pittsburgh Steelers #5 #16 #13

In fact, we discovered that the Chiefs, who received the highest ranking for cybersecurity, were not even close to having the highest revenue or largest franchise.

We also presumed that the most secure teams would have less digital assets to attack. We found that this was indeed true.

Team Panorays Cybersecurity Rating Digital Assets Ranking
Kansas City Chiefs #1 #31
New York Jets #2 #11
Miami Dolphins #3 #21
Los Angeles Rams #4 #32
Pittsburgh Steelers #5 #13

This result made sense, since less digital assets result in a smaller attack surface, and thus a better cybersecurity posture.

The Human Factor

What motivates hackers? Money, secrets, fun and revenge (served cold).

Multiple resources on the web indicate that the Pats are the most hated team in the NFL — a consequence, perhaps, of their success on the field. Interestingly, we discovered that the Pats have a consistently strong cybersecurity rating; they are ranked #12 out of all the NFL teams. Could it be because they are expecting more hackers than other teams?

What motivates hackers?

Meanwhile, the Dallas Cowboys ranked #2 as the most hated, while the Philadelphia Eagles ranked #3. Based on this parameter, both teams need to improve their cyber defense efforts.

Cybersecurity and Football Stats

We tried to come up with a correlation between various cybersecurity categories and football-related categories.

For example, we compared football interceptions to SSL cybersecurity postures. Is there a correlation between teams that know how to defend their SSL postures and teams with good interceptions ratings?

Team Panorays SSL Rating NFL defense interceptions 2017
Kansas City Chiefs #1 #9
New Orleans Saints #2 #3
Los Angeles Rams #3 #6
Baltimore Ravens #4 #1
Jacksonville Jaguars #5 #2

Surprisingly, we found that teams with good SSL cyber posture are also ranked high on the list for the most interceptions during the 2017 season.

Cybersecurity and Football Stats

Yes! We can log in without worries!

We went the extra mile and decided to compare mail server cyber posture to passing in football. Does the team with the best mail server cyber posture rank among the highest for passing in the NFL?

Team Panorays Mail Server Rating NFL offensive passing 2017
Houston Texans #1 #21
Kansas City Chiefs #2 #7
Los Angeles Rams #3 #10
Jacksonville Jaguars #4 #17
Denver Broncos #5 #20

Looks like we can use some of Deshaun Watson’s passing abilities to make our mail server more secure.

The final test was to see if teams with good web server cyber posture are also good at defense. For this category, we used sacks as our defensive measurement:

Team Panorays Web Server Rating NFL Defense sacks 2017
Pittsburgh Steelers #1 #1
Los Angeles Chargers #2 #5
San Francisco 49ers #3 #26
Dallas Cowboys #4 #15
Cincinnati Bengals #5 #11

Boom!

At this point we started to seriously think about applying for a potential new position in the NFL as cyber coordinator.

Our Prediction for the Winning Team

The Kansas City Chiefs were found to be the team with the best cyber security posture! We predict that they could very well be the champions of the NFL 2018 season.Prediction for the Winning Team

In security, we always say that the best defense is a good offense, and as the Chiefs were ranked #5 on both defense and offense in the 2017 regular season, we can see they are doing something right here.

Of course, they haven’t won the Super Bowl since 1970. But you never know.

Personal Note

I am a Steelers fan, and I’d like to take this opportunity to wish the team luck this season. I’m sure they will make us proud!

I wish all football fans a great season!

Personal note from Panorays CISO

You may be interested in

Guides

The CISO’s Guide to Choosing an Automated Security Questionnaire Platform

Case Studies

WalkMe Receives a 360° View of Suppliers Using Panorays

Guides

10 Critical Issues to Cover in Your Vendor Security Questionnaires

This site uses cookies to tailor your experience and understand how visitors use the site. Visit our Privacy Policy for more information.