< Back to Blog
Which NFL Teams Have the Best Cyber Defense?
Research

Which NFL Teams Have the Best Cyber Defense?

By Elad Shapira Sep 25, 20185 min read

With football season just around the corner, we at Panorays decided to test the strength of NFL teams’ cyber defenses.

We did this by simulating a hacker’s view to uncover cyber gaps on NFL team websites and digital assets. Above all, we wanted to know: Would there be any correlation between how teams played on the field and how their websites withstood cyberattacks?

The results are in, and we have some surprising predictions for the upcoming season. And as part of our motivation for this research, we aim at winning an Ig Nobel prize!

Cyber Defense vs. Football Defense

Cyber Defense vs. Football Defense“We will keep our ports closed and you will have your certificates trusted!”

Surprisingly, some teams excel at cyber defense more than defense on the field.

Team Panorays Cybersecurity Rating NFL Standing
Kansas City Chiefs #1 #10
New York Jets #2 #27
Miami Dolphins #3 #22
Los Angeles Rams #4 #6
Pittsburgh Steelers #5 #4

Take, for example, the New York Jets and the Miami Dolphins. These two teams were not that successful last year during football season, but their security posture is quite good compared to the other teams. The Jets ranked #2 on Panorays, compared to #27 in the season, and the Dolphins ranked #3 for cyber posture, compared to #22 during the season.

Is it possible that they are focusing on cybersecurity more than football?

Miami Dolphins focusing on cybersecurity

“If you find a flash drive outside the Dolphins offices, don’t plug it into our computers and servers!”

In fact, overall we found that there was no correlation between NFL standings and teams’ cyber posture. This can be seen in the graph below, where we mapped the top 10 teams with the highest Panorays cyber rating and their standings in the NFL:

Top 10 teams with highest Panorays cyber rating

Undeterred, we continued with our research to uncover some sort of pattern.

The Role of Revenue, Size and Digital Assets

We hypothesized that the teams with the largest franchises and highest revenues would likely invest more in cybersecurity. But as indicated on the chart below, this was not necessarily the case.

Team Panorays Cybersecurity Rating Franchise Ranking 2016 Revenues Ranking
Kansas City Chiefs #1 #24 #25
New York Jets #2 #9 #7
Miami Dolphins #3 #12 #19
Los Angeles Rams #4 #6 #20
Pittsburgh Steelers #5 #16 #13

In fact, we discovered that the Chiefs, who received the highest ranking for cybersecurity, were not even close to having the highest revenue or largest franchise.

We also presumed that the most secure teams would have less digital assets to attack. We found that this was indeed true.

Team Panorays Cybersecurity Rating Digital Assets Ranking
Kansas City Chiefs #1 #31
New York Jets #2 #11
Miami Dolphins #3 #21
Los Angeles Rams #4 #32
Pittsburgh Steelers #5 #13

This result made sense, since less digital assets result in a smaller attack surface, and thus a better cybersecurity posture.

The Human Factor

What motivates hackers? Money, secrets, fun and revenge (served cold).

Multiple resources on the web indicate that the Pats are the most hated team in the NFL — a consequence, perhaps, of their success on the field. Interestingly, we discovered that the Pats have a consistently strong cybersecurity rating; they are ranked #12 out of all the NFL teams. Could it be because they are expecting more hackers than other teams?

What motivates hackers?

Meanwhile, the Dallas Cowboys ranked #2 as the most hated, while the Philadelphia Eagles ranked #3. Based on this parameter, both teams need to improve their cyber defense efforts.

Cybersecurity and Football Stats

We tried to come up with a correlation between various cybersecurity categories and football-related categories.

For example, we compared football interceptions to SSL cybersecurity postures. Is there a correlation between teams that know how to defend their SSL postures and teams with good interceptions ratings?

Team Panorays SSL Rating NFL defense interceptions 2017
Kansas City Chiefs #1 #9
New Orleans Saints #2 #3
Los Angeles Rams #3 #6
Baltimore Ravens #4 #1
Jacksonville Jaguars #5 #2

Surprisingly, we found that teams with good SSL cyber posture are also ranked high on the list for the most interceptions during the 2017 season.

Cybersecurity and Football Stats

Yes! We can log in without worries!

We went the extra mile and decided to compare mail server cyber posture to passing in football. Does the team with the best mail server cyber posture rank among the highest for passing in the NFL?

Team Panorays Mail Server Rating NFL offensive passing 2017
Houston Texans #1 #21
Kansas City Chiefs #2 #7
Los Angeles Rams #3 #10
Jacksonville Jaguars #4 #17
Denver Broncos #5 #20

Looks like we can use some of Deshaun Watson’s passing abilities to make our mail server more secure.

The final test was to see if teams with good web server cyber posture are also good at defense. For this category, we used sacks as our defensive measurement:

Team Panorays Web Server Rating NFL Defense sacks 2017
Pittsburgh Steelers #1 #1
Los Angeles Chargers #2 #5
San Francisco 49ers #3 #26
Dallas Cowboys #4 #15
Cincinnati Bengals #5 #11

Boom!

At this point we started to seriously think about applying for a potential new position in the NFL as cyber coordinator.

Our Prediction for the Winning Team

The Kansas City Chiefs were found to be the team with the best cyber security posture! We predict that they could very well be the champions of the NFL 2018 season.Prediction for the Winning Team

In security, we always say that the best defense is a good offense, and as the Chiefs were ranked #5 on both defense and offense in the 2017 regular season, we can see they are doing something right here.

Of course, they haven’t won the Super Bowl since 1970. But you never know.

Personal Note

I am a Steelers fan, and I’d like to take this opportunity to wish the team luck this season. I’m sure they will make us proud!

I wish all football fans a great season!

Personal note from Panorays CISO

humbnail
Elad Shapira

Elad Shapira is Head of Research at Panorays. As a cybersecurity lecturer and self-described geek, he likes hardware hacking, low level development, playing Capture the Flag and making and breaking things.

You may also like...
Touchdown! Measuring External Cyber Posture and the NFL Hack
Jan 30, 2020 Touchdown! Measuring External Cyber Posture and the NFL Hack Elad Shapira
DishSnitch: The Who Left Dirty Dishes in the Sink” Detector”
Dec 19, 2019 DishSnitch: The Who Left Dirty Dishes in the Sink” Detector” Elad Shapira
Tips for Your Vendor Security: Closing the Most Common Cyber Gaps
Oct 31, 2019 Tips for Your Vendor Security: Closing the Most Common Cyber… Elad Shapira
Get our latest posts straight to your inbox Subscribe

We use cookies to ensure you get the best experience on our website. Visit our Privacy Policy for more information.