The National Theatre, one of the UK’s most prominent arts establishments, is putting greater emphasis on data security as it attempts to beat potential cyber attacks.
The National Theatre, which is headquartered in London’s South Bank, is one of the country’s three main publicly-funded performing arts venues, alongside the Royal Shakespeare Company and the Royal Opera House.
During an average year it stages 3,000 performances seen by a total audience of about 2.5 million people – 700,000 of whom see them live.
That means selling thousands of tickets each year, and assessing the risks to customer data that come with that. The National Theatre must also defend itself against many of the potential cyber attacks that can afflict any company, including the risks of viruses that could damage vital systems.
In an interview with the BBC, George Tunnicliffe, the theatre’s head of IT operations, said the organisation has invested time and money in minimising risks.
“We have spent a lot of time creating disaster recovery scenarios,” he said. “We’ve practiced viruses taking down the network, ransomware outbreaks and things like that.”
“We’ve built push button stuff so the engineers do not have to think about what to do when they need to solve a problem.
“We have a good sense of where our kit is and what it is linked to, so if something happens we know what is going to be affected.”
The National Theatre also segments internal systems so staff working for different divisions of the theatre only see a small part of the whole organisation.
“Organisations that do have a high turnover of staff usually have a high risk of insider threat,” Neil Thacker from security firm Forcepoint, which works with the National Theatre, told the BBC.
“That can be because they are learning new systems and making mistakes and data is lost accidentally.”