Cyber security, data breaches, malware? Does that seem like a far-from-your-bed show for you as an event professional? Cyber security should be a top priority, especially now that events are increasingly supported and even controlled by technology.
In this article you can read about the risks you run, how cyber criminals work in practice, and what you can do to stay one step ahead of them.
For starters, cybersecurity means deploying people, policies, processes and technologies to protect organizations, their critical systems and sensitive information from digital attacks (source, Gartner). Cyber criminals don't just go after big companies. They targeted all companies, and that can be your event or event company, because at events they find what they are looking for: data from large numbers of people. Data is the new gold, protecting it is your latest challenge.
Let's make it more concrete. What is interesting data for cyber criminals? Think of credit card numbers, but also national register numbers and dates of birth, useful if criminals want to steal an identity. Other attractive data for these gentlemen and ladies are email addresses and telephone numbers, which are frequently used in phishing scams. If you are organizing a large event with hundreds or thousands of attendees, then you are an ideal target for cyber criminals!
Cybercrime: danger for your guests, danger for your company
A cyber attack naturally has negative consequences for the people who attend your event, but there is also damage to your company and your reputation.
If your event is hacked, you can expect lawsuits, especially in Europe where you are obliged to take security measures under the GDPR law. Europe is committed to restoring control of personal data to the individual, which is why all companies must take the necessary measures to protect personal data. Especially if you manage large data files with personal information (such as at events and festivals), the lack of the right measures can lead to high fines! GDPR also requires you to have protocols or procedures in place for when things go wrong and also requires you to report an incident.
Examples of Cyber Threats
In principle, hackers can attack any device connected to your network, including your guests' smartphones that are connected to your network.
Phishing emails are styled to perfectly resemble communication from your event. Hackers add a link with which they try to extract data from your employees in order to log in to your event software. This is the most common way of hacking systems. For example, hackers simply log in to your registration software and simply download all data.
Even worse is ransomware, also known as ransomware. The cyber criminal enters your systems and introduces a virus. The villain does this via a phishing e-mail or, if he or she gets the chance, to insert an infected USB stick into a device. Once inside, the virus encrypts all data and you will not get it back until you have paid a hefty ransom. For organized crime this is a simple and safe way to earn (a lot of) money quickly, for you this is a disaster.
Vigilance and common sense
Common sense will of course also help you in the fight against cybercrime, just as you do in your private life. A few tips:
- Keep your software up to date: Installing software updates for your operating system and programs is critical. Always install the latest security updates on all your devices
- Good password management: Unique passwords with letters, numbers and special characters, two-factor authentication and a password manager help you to have strong passwords for all your accounts.
- Install a good antivirus program. Also on Mac. This way you can avoid a lot of trouble.
- Beware of suspicious emails: phishing scams are usually carried out by email, but it can also be done by phone, text message or via social networking sites.
- Be careful what you click: unknown websites or downloading software from untrustworthy sources can contain malware that installs (often silently).
- Never leave devices unattended: Physical security is just as important as technical security.
- Train your team on cyber threats and what to do/don't do!
Prevention is always better than cure. But even if you have taken all possible measures, your company can still fall victim to cybercrime. Did you know that you can insure yourself against hacking with cyber insurance? You are then insured against liability for damage caused by a cyber incident or system intrusion to third parties and you can count on assistance from cyber specialists.
Conclusion: cybersecurity is a top priority for the event industry
Provide space and a budget for your event planning (good preparation is half the battle) and engage a qualified security expert. Together you devise a strategy that protects your company and your guests against cybercrime.
What you can do anyway: secure your WiFi network at your event so that data from visitors is not intercepted. And select a secure registration platform and event software. By the way, do you already know the free (and safe) event management software from event planner?