Las Vegas CIO doubles down on AI and endpoint security to protect Sin City
VentureBeat presents: AI Unleashed – An exclusive executive event for enterprise data leaders. Network and learn with industry peers. Learn More
VentureBeat recently sat down (virtually) with Michael Sherwood, chief innovation and technology officer for Las Vegas, to gain insights into how he uses the latest AI and endpoint security technologies to secure the city.
Sherwood oversees the city’s cybersecurity infrastructure, strategy and eclectic inventory of digital assets, IoT and operational networks. He is also leading an open-source data initiative that shares the city’s operational data with other municipalities, universities and global think tanks to see how Las Vegas can stay on innovations cutting edge.
Sherwood’s teams rely on managed detection and response (MDR) services strengthened with AI and machine learning (ML)-based applications to protect their endpoints, infrastructure and the growing open-source database. The team also continually tracks inbound nation-state attackers attempting to perform reconnaissance and disrupt high-profile events. Sherwood says the rising incidence of nation-state probes on their infrastructure coincides with world-known events, including the Formula 1 race and the 2024 Super Bowl.
Las Vegas relies on a broad base of cybersecurity vendors, including CrowdStrike, Darktrace, Dell, NTT and Veza, as the city switches to a hybrid multi-cloud environment to protect sensitive data and critical infrastructure.
Event
AI Unleashed
An exclusive invite-only evening of insights and networking, designed for senior enterprise executives overseeing data stacks and strategies.
Attacks on municipalities are soaring — and Las Vegas is a high-visibility target
So far in 2023, the rate of ransomware attacks in state and local governments has increased from 58% to 69%. In May, the city of Dallas was hit with a ransomware attack that disrupted multiple areas, including 911 emergency response, municipal courts, animal services and the police department website. The city of Augusta, Georgia, a city government in France, and a school district in Missouri are also among the many victims of cyberattacks this year.
Las Vegas has approximately 2.7 million residents and welcomes more than 40 million visitors every year. Sherwood and his team are also responsible for orchestrating the optimal use of cybersecurity technologies encompassing AI, endpoint security IoT sensors, operational networks, ML, managed detection and response (MDR) and more to ensure key services are reliably delivered, protecting residents and visitors 24/7.
The following is an excerpt of VentureBeat’s interview with Sherwood (edited for clarity).
VentureBeat: You’re one of the leaders of the open-data initiative in which cities and municipalities share data and insights to improve everything from emergency response to traffic signals. What’s your vision for Las Vegas in this area?
Sherwood: Las Vegas has embraced cutting-edge technology to improve city operations and infrastructure. For example, we’re testing autonomous vehicles, implementing smart traffic signals and building an open data hub to share real-time data. AI and ML help us synthesize all this data to glean insights and optimize city services.
VentureBeat: How are you balancing the solid gains you’re making in innovation while continually hardening endpoints, protecting identities and, in short, protecting the city from cyberattacks?
Sherwood: Security is crucial to how my team and I approach innovation. We’re focusing on how to deliver memorable, secure experiences at scale across each area of our city infrastructure. Security has to be core to any innovation to preserve trust.
We’re protecting more than 4,000 endpoints city-wide today, and that’s growing due to our expanding operations networks, with IoT being a catalyst of their growth. The more connected our networks become, the more vigilant we must be about sensitive data.
Our tech stack comprises a series of integrated security applications and systems, forming a multi-layered defense infrastructure. A core part of the tech stack was a legacy endpoint security product that was becoming increasingly difficult to use. That’s when we started looking around for another solution.
We did a thorough product evaluation and decided that combining AI-based monitoring tools and human intelligence was the way to go. Choosing CrowdStrike OverWatch because it combines AI tools and apps with human intelligence proved invaluable.
VentureBeat: Of the many threats the city faces, what are the three main challenges you and your team face in protecting the city?
Sherwood: The greatest threat is a cyberattack aimed at high-profile targets in the city, including disrupting high-profile events. There is an escalating level of reconnaissance that in the past was only once in a while — now it’s happening at a near-constant pace. That’s the most persistent, strategic threat my team and I must continually focus on and plan to contain.
The second challenge is protecting essential city services for the 2.7 million residents and more than 40 million visitors. Our operational networks are growing, as is our use of IoT sensors, which adds a new layer of endpoint security to our security strategy.
The third challenge is identifying the steps we need to take to safeguard our global name reputation and ensure Las Vegas continues to be a safe city, both from a cyber and physical standpoint.
VentureBeat: Back in 2020, there was a cyberattack on the city. Can you share what happened?
Sherwood: It was an early Sunday morning around 4 a.m., and my nightstand phone rang. I picked up, and the person said, “Las Vegas… we have a problem.” A CrowdStrike OverWatch team member had called to inform me there had been a breach attempt on our infrastructure.
I immediately began calling other members of the security team and the city management team. Within an hour, the IT team and I were troubleshooting the breach attempt in the office. An external team monitoring the attack was invaluable while my team and I worked with internal systems to contain the threat.
VentureBeat: Did the attackers exfiltrate any data or destroy any systems?
Sherwood: No. Thanks to the quick work and collaboration of both of our teams, AI-based insights and how the attackers attempted to move through the network, there was no data loss or major issues. AI and advanced analytics allow us to detect subtle anomalies and multiply the effectiveness of the city’s security team. We were back to normal operations in 24 hours.
VentureBeat: As Las Vegas continues to grow as a tech hub and smart city, data is becoming increasingly valuable. What are your thoughts on how the city can ensure data privacy and security as more data is collected and shared?
Sherwood: As CIO, I am very focused on privacy and security by design in every one of our data and security initiatives. That is why taking a collaborative approach is so critical to our success. Collaborating with the leading cybersecurity providers, including CrowdStrike, who share our values, is key to our ability to serve and protect our residents and visitors.
I believe that with the proper safeguards, data can unlock new opportunities while respecting people’s rights. Ultimately, earning the public’s trust is essential so they can feel confident embracing the smart city of the future Las Vegas is on its way to becoming.
VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.