Cybersecurity in the events industry
Should you be concerned about cybersecurity and your event?
The answer is YES!
The events industry is a fertile hunting ground for hackers. Large amounts of data are recorded for event management purposes, from ticket purchases and e-commerce transactions to forms filled with personal information. This information is valuable to cybercriminals who steal it for fraudulent purposes and financial gain.
Here are some important insights for understanding cyber security threats in the context of events, and what you can do to keep clients, guests, suppliers, and employees cyber safe.
Cybersecurity challenges rise for events
Digitisation, connectivity, and innovation are burgeoning in our industry. We have at our fingertips an exciting technology mix to streamline event management, support collaboration, and drive engagement.
Event management platforms, email systems, bespoke apps, wearable tech, radio-frequency identification (RFID) solutions, registration tools, e-commerce, social media, and data management systems are just some of the digital tools used to market and execute events. These digital ecosystems are vulnerable to cyber security threats from the outside – and the inside.
Cybercriminals are increasingly exploiting the events industry because they know that ICT systems and cyber threat defences are less sophisticated than those of larger organisations.
Cybersecurity is more complex for event organisers who must not only protect their core ICT systems but also employees’ roaming devices, and the temporary ICT networks which are used by employees and attendees to access digital resources, e-commerce, and social media at event sites.
Why cyber breaches and attacks happen
Poor ICT system security and monitoring, unprotected smartphones and devices, unsecured network connections, third party apps, and poor end-user awareness contribute to the increasing number of cyberattacks and ICT security-related threats impacting the events industry. Across all industries, email remains the most common vector of attack.
Research shows that at least 32% of small businesses, like event management companies, have suffered some form of cyberattack. The most common forms of attack are phishing and email impersonation for fraudulent purposes and financial gain[i].
Data leakage is another big concern for event companies. Data leakage is described as the intentional or accidental exposure of information – from confidential and personal information to a company’s intellectual property. Data leaks can occur in a variety of ways, including hacks from the outside as well accidental breaches from the inside.
Information leaks can be detrimental to an organisation’s customer relationships, reputation, and brand. But they can also open up liability depending on the nature of the information that is exposed.
How can you make your event cyber safe?
We are in a rapidly changing world where technologies are evolving all the time in increasingly complex operating environments. It’s recommended to have a firm security policy in place to define the responsible use of information systems, email, and the internet. With a corporate usage policy in place, you can clearly define the limitations and guidelines around the use of company systems and information.
This policy should also stipulate password change policies, access privileges and information sharing guidelines. These stipulations must be enforced with security mechanisms that are monitored and frequently audited to test for vulnerabilities.
Security mechanisms must be built into all layers of ICT infrastructure and depending on the specific environment and tools at play, specialised software such as content filtering, web filtering, data loss prevention and intrusion protection technologies may be needed.
If cybersecurity is not your forte and you don’t have in-house resources to implement and monitor ICT security, consider outsourcing it to a credible managed security services provider.
We’re committed to cyber safe events
It’s become crucial for event producers to understand how cyber breaches happen, and what to do to prevent them. We’re serious about this. We have undergone rigorous processes and audits to be General Data Protection Regulation (GDPR) and Protection of Personal Information Act (POPIA) compliant. This shows our unwavering commitment to producing cyber safe events with robust information security systems and policies to protect information from hackers and accidental breaches. Learn more about our compliance with these privacy laws.
Keep your attendees, clients, staff, and suppliers safe and secure. Contact us for advice