Ticketmaster could have avoided a site meltdown, a cybersecurity expert says
November 2022 by Carlos Salas, an engineering manager at NordLayer
Yesterday, Ticketmaster canceled the public sale of tickets to the upcoming Taylor Swift tour, allegedly because the company couldn’t cope with demand. Apart from running out of tickets, the site wasn’t technically prepared for the number of visitors and appeared to crash or freeze during purchases. Carlos Salas, an engineering manager at NordLayer, Nord Security’s solution for business, explains how companies can handle such situations.
“Cybersecurity and managerial decisions go hand in hand. Apparently, the unprecedented pressure on the company’s web resources affected the internal network, preventing decision-makers from evaluating the situation with the ticket supply in a timely manner.
Network resilience — the ability of a network to function reliably in the face of faults and challenges to normal operation — is crucial in e-commerce, especially during the busy season of Black Friday and Christmas. Businesses need to ensure the high availability of their resources and, in case of an incident, be able to respond quickly to minimize losses. One of the ways to achieve network resilience is network segmentation — dividing the network into smaller sub-sections. This way, an internal network that controls sales and internal software performance for the company can stay unaffected by web browsing from the visitor network. Therefore, the website is less likely to “crash” due to limited system load. Importantly, it can also limit damage from a cyberattack.
In the case of companies like Ticketmaster, segmenting the website’s infrastructure enables real-time scaling of the servers that manage ticket sales without involving other resources. This can greatly reduce implementation costs.”
To ensure the smooth functioning of a website in times of high consumer demand, Carlos Salas suggests implementing network segmentation that will provide staff with access to only the parts of the company network they need for work. The internal network will remain unaffected by external traffic.