Article

Mapping tech partners to IMSA® classes (GTP vs GTD Pro vs GTD vs LMP2)

GTP (Grand Touring Prototype)

What makes GTP tech-heavy: hybrid energy management, dense sensor sets, and fans wanting deeper insight into speed + regen + deployment.

Primary tech partners and “why GTP”:

  • AWS® + IMSA® (fan telemetry / real-time data streaming): IMSA and AWS launched a fan telemetry service focused on GTP entries, exposing real-time signals such as energy regeneration/remaining, speed, gear, brake/throttle, and pit status.
  • Bosch Motorsport (scrutineering + regulatory monitoring ecosystem): IMSA’s own technical bulletins reference Bosch Scrutineering System updates across GTP (and GT classes), reflecting Bosch’s role in regulation parameter monitoring and compliance tooling.

Cross-class partners that matter a lot in GTP operations:

  • AMD® (Race Control systems using integrated video + timing + telemetry): IMSA describes Race Control tooling that fuses HD video with timing/scoring and telemetry into one timestamped package—critical in GTP where prototype traffic and incidents develop fast.
  • CrowdStrike® (IMSA official cybersecurity partner): the sanctioning body’s expanded partnership positions security as foundational to IMSA’s traveling tech footprint (official systems, event ops, comms, etc.).

What this looks like at the track (GTP example):

  • Car → trackside ingestion → cloud streaming (for fans) + strategy tooling (for teams) + compliance/race control views (for officials).

GTD Pro

What makes GTD Pro unique: pro driver lineups, closer policing of performance, and higher scrutiny of compliance and parity tools.

Primary tech partners and “why GTD Pro”:

  • Bosch Motorsport (official telemetry system provider for GTD Pro and GTD): IMSA secured Bosch Motorsport’s LTE65 telemetry modem and RaceConnect platform as the telemetry system direction for GTD-PRO and GTD (noting live calculations, data integrations for competition management, and better regulation parameter monitoring/scrutineering support).

Cross-class partners with outsized impact in GTD Pro:

  • AMD (Race Control / incident review): high-contact GT racing and dense packs increase the value of fast, data-enriched replay decisions.
  • CrowdStrike (IMSA cybersecurity): protecting series systems and partner/team touchpoints matters when a class is heavily broadcasted and tightly officiated.

How the collaboration typically works (GTD Pro):

  • IMSA standardizes telemetry transport and compliance monitoring → teams integrate that data into their own analysis/strategy stacks → officials use the same ecosystem to support regulation checks and sporting review.

GTD

What makes GTD different: broader team diversity, “customer racing” structures, and the need for reliable, standardized telemetry + compliance tools that scale across many entrants.

Primary tech partners and “why GTD”:

  • Bosch Motorsport (telemetry standardization at scale): the same Bosch LTE65 + RaceConnect framework applies here, explicitly naming GTD alongside GTD-PRO, and emphasizing cloud-based monitoring and adjustability—useful for a large, varied GT grid.

Cross-class partners:

  • AMD (Race Control platform): multi-class and intra-class incidents often involve GTD traffic; fast replay + context is crucial.
  • CrowdStrike (IMSA cybersecurity partner): GTD teams often have smaller IT benches, which can make strong baseline security and best practices across the ecosystem even more important.

LMP2

What makes LMP2 tricky for “partner mapping”: LMP2 is highly regulated/spec by design, and IMSA partner announcements often spotlight GTP (newest tech showcase) or GT telemetry standardization. Still, the class is deeply impacted by series-wide systems.

Most relevant partners by impact, even if not LMP2-only branded:

  • AMD (Race Control video + data fusion): LMP2 runs in multi-class environments where traffic, incidents, and officiating speed matter; Race Control’s fused video/timing/telemetry workflow applies across the event.
  • CrowdStrike (IMSA cybersecurity): sanctioning-body systems, communications, and event operations cover every class on track.
  • Bosch scrutineering ecosystem references (including bulletins touching multiple classes): Bosch-related regulation tooling appears across IMSA’s technical documentation for multiple categories; LMP2’s competitive integrity also depends on reliable compliance workflows (even where hardware differs).

How to write this cleanly (without overclaiming):

  • “LMP2 is less likely to be marketed as the headline tech showcase, but it’s still downstream of IMSA’s Race Control stack, security posture, and scrutineering/compliance tooling.”

One-paragraph “summary map” you can paste into your site

  • GTP: AWS fan telemetry + cloud streaming; Bosch compliance/scrutineering references; AMD Race Control integration; CrowdStrike cybersecurity baseline.
  • GTD Pro / GTD: Bosch LTE65 + RaceConnect telemetry backbone; AMD Race Control workflows; CrowdStrike series security.
  • LMP2: Most impacted by series-wide Race Control + cybersecurity + compliance tooling rather than a single class-specific telemetry headline.

2) Deep dive: cybersecurity in motorsport operations (how it really works)

Cybersecurity in motorsport isn’t a side function—it’s a performance dependency. Race teams and sanctioning bodies operate like traveling enterprises with high-value IP, always-on connectivity, and compressed timelines where a disruption on Friday can compromise results on Sunday.

The motorsport threat model: why racing is uniquely exposed

Motorsport combines three ingredients attackers love:

  1. High-value intellectual property Setups, aero maps, simulation models, gearbox strategies, reliability data—this is competitive advantage in pure form.

  2. A massive, moving attack surface Teams travel with laptops, servers, radios, data links, garage Wi-Fi, hospitality networks, third-party vendor gear, and cloud accounts—then rebuild the environment in a new country days later.

  3. Hard deadlines with public visibility A breach or outage doesn’t happen quietly. It happens with cameras on, at a fixed start time, under sponsor pressure.

This is why series like IMSA publicly align with cybersecurity partners at the sanctioning-body level, and why elite teams partner directly as well.

What exactly has to be protected?

A) The “race-critical” layer (must not fail)

  • Pit wall timing + strategy tools
  • Car-to-garage telemetry pathways
  • Radio/communications workflow
  • Race control data systems (for officials)

IMSA, for example, describes Race Control systems that integrate HD video with timing/scoring and telemetry into one timestamped package—systems that must remain reliable and trustworthy under pressure.

B) The “IP-critical” layer (must not leak)

  • Engineering documents and CAD
  • Simulation code, parameter sets
  • Performance development roadmaps
  • Supplier designs and firmware

C) The “business-critical” layer (must not embarrass or financially damage)

  • Sponsorship contracts and negotiations
  • HR/payroll, travel and logistics
  • Ticketing and fan communications (for events)
  • eCommerce and hospitality operations

The modern motorsport security playbook (practical, not theoretical)

A good way to frame this (and keep it structured for your readers) is the NIST Cybersecurity Framework 2.0, which organizes outcomes under: Govern, Identify, Protect, Detect, Respond, Recover.

Below is how those functions map to racing reality.

GOVERN: security as part of race operations

In motorsport, governance means:

  • defining which systems are “race critical,”
  • establishing who can approve changes on race weekend,
  • setting minimum controls for third parties in the garage.

This is where sanctioning bodies and major partners matter: IMSA’s multi-year extensions and “expanded roles” language signals that security isn’t treated as a one-off activation—it becomes operational.

IDENTIFY: asset visibility across factory + track

If you can’t inventory it, you can’t protect it. Teams need to track:

  • every endpoint (laptops, pit wall machines),
  • every cloud account and permission set,
  • every “temporary” device used for an event.

In F1®, CrowdStrike’s Mercedes case materials emphasize the scale of motorsport telemetry and data operations, underscoring why security programs lean on continuous endpoint visibility rather than occasional audits.

PROTECT: hardening without slowing the team down

The hard part is balancing security controls with the reality that race engineers need speed.

Common “race-friendly” protections:

  • Zero trust / segmented networks (guest Wi-Fi shouldn’t touch engineering)
  • Least privilege access (especially for suppliers and contractors)
  • MFA everywhere (email, source control, cloud consoles)
  • Secure remote access from circuit to factory (encrypted links, monitored gateways)
  • Patch management strategy that respects race-weekend stability

This is why elite motorsport security tools emphasize lightweight agents and cloud-native management—teams don’t want heavy, performance-draining endpoint burdens.

DETECT: continuous monitoring in a world that never stops moving

Detection in motorsport has to work across:

  • factory networks,
  • travel devices on hotel Wi-Fi,
  • temporary circuit networks,
  • cloud infrastructure used by remote engineers.

A key idea to communicate in your article: motorsport security is distributed SOC work—often relying on centralized monitoring to keep visibility when the team is scattered across time zones.

RESPOND: race-weekend incident handling

Incident response in motorsport needs a “pit stop mindset”:

  • Triage fast
  • Contain without breaking race systems
  • Recover rapidly
  • Document for the stewards (internally) afterward

A concrete example your readers will instantly understand: if an endpoint tool update breaks machines right before a session, you need a playbook that restores operations immediately. Media coverage around the 2024 CrowdStrike outage noted the Mercedes F1 team had to address affected systems quickly, illustrating how response plans must be ready at trackside.

RECOVER: getting back to a trusted baseline

Recovery isn’t just “back online.” It’s:

  • verifying data integrity,
  • rotating credentials,
  • checking whether setups, files, or comms were accessed,
  • restoring a clean “gold image” for next weekend.

Because racing is weekly, teams often operate with:

  • prebuilt device images,
  • standardized laptops for trackside roles,
  • controlled software stacks that can be re-deployed quickly.

Sanctioning bodies vs teams: two different security jobs

Teams focus on protecting IP and race execution.

Sanctioning bodies (like IMSA) focus on:

  • the integrity of competition systems,
  • event operations,
  • partner integrations,
  • and the reliability of officiating workflows.

That’s why IMSA’s relationship with CrowdStrike is positioned at the organizational partner level—and extended with expanded roles.

Why cybersecurity partnerships are getting “closer” to performance

In 2025, Reuters reported CrowdStrike CEO George Kurtz acquired a stake in the Mercedes F1 team and joined its strategic steering committee as a technology adviser—an example of cybersecurity moving from vendor support to strategic influence at the team level.

That’s the direction the whole industry is heading: security isn’t just protection; it’s operational resilience and competitive continuity.

AWS® trademark is owned by Amazon Technologies, Inc. (CORPORATION; NEVADA, USA); IMSA® trademark is owned by International Motor Sports Association, LLC (LIMITED LIABILITY COMPANY; FLORIDA, USA); AMD® trademark is owned by Advanced Micro Devices, Inc. (CORPORATION; DELAWARE, USA); Crowdstrike® trademark is owned by Crowdstrike, Inc. (CORPORATION; DELAWARE, USA); F1® trademark is owned by Formula One Licensing B.V. (BESLOTEN VENNOOTSCHAP (B.V.); NETHERLANDS). All trademarked names or other marks mentioned are for reference purposes only.

Avatar
By Joe Clarke