Last week, we talked about the growing threat of cybercrime for event planners. As events become more complex and interconnected, security plans need to address potential points of digital vulnerability.
You might be thinking, “My events are small. It wouldn’t be worth a hacker’s effort for such a small return.” Check that thinking at the door. First, experts have shown how easy it is to steal someone’s identity. And second, don’t underestimate the power you have in today’s tech-centric world. You are no longer just an event planner; you are a data security guard.
But really, it doesn’t matter what size event you produce. Every event has the same incentives for potential criminals. Here are four key reasons your events may be desirable targets for hackers.
1. Hacking is Primarily About Owning Individuals’ Data
Writing in Computer Weekly, Security Editor Warwick Ashford advises, “Most cybercrime boils down to cyber-enabled theft of money or theft of data. Criminals use data either to commit other kinds of theft such as fraud, or are sold to others to use in this way.”
Your event only exists for the enjoyment, betterment, learning, increased engagement, etc. of your attendees. People. People who provide you with financial details, social profiles, and other personally identifiable information. Money and data. Ouch.
2. You Have Blindspots
Traditionally, when you think about live event security, you focus on potential physical breaches. Understandable, right? You want to keep your attendees and staff safe. And it’s immediate. It something you can measure in real time and with tangible resources. Guards, camera surveillance, metal detectors, barricades and requiring credentials all work together to shore up the weak points at your event.
But cyberattacks, at least the effects of cyberattacks are almost never felt immediately. Sometimes, they may not be discovered until weeks or months later. A survey conducted by Tripwire in 2014 found that “85 percent of point-of-sale intrusions took weeks to discover and 43 percent of web application attacks took months to discover.” That could be your event website. Or ticketing platform. Or mobile app. And you likely wouldn’t know about them until long after your event is over and the production books are closed.
This kind of long game is hard for event planners, especially when an event is in full swing. And even more so when resources and budgets are tight. It could mean you either rely on a third party platform (e.g. ticketing, website) to handle your security protocols for you or simply don’t attack the problem proactively. It feels so disconnected from the execution of the event, did it really happen? If you find you have a blindspot in addressing cyber breaches, acknowledge it and find someone who can help.
3. Events are Public Engagements
We don’t just mean big splashy events. These days, every event is in some way a public happening. If you build a website, sell tickets, advertise, or even if your attendees are simply talking about and sharing details of your event in their social channels, your event is searchable. With a few clicks (even if it isn’t published), a hacker can find out the date, time, and location of your event. Maybe even the size of the guest list and specific attendees. And if your event has received any kind of press, either from a past iteration or the current one, it could already be a desirable target.
Still think your event is small and not worth a hacker’s effort?
4. Your Events Have Multiple Points of Entry for a Hacker
Events are highly networked. And not just because every attendee is shuffling along, staring at his or her smartphone. Your lighting grids, automation systems, unified communications, video are all connected to a hub. The awesome part is how much more efficiently you can execute complex productions. The downside? Any one of these systems is a target for cyber criminals.
Hackers are looking for vulnerabilities. The more systems you run, the more vulnerabilities you need to address. Now, add in to the mix monitoring attendees.
Sorry to be all doom and gloom. But this is the world we live in. If we want to keep integrating new technology into events, we must be all the more vigilant. Every breach, no matter the size is a serious flaw. If even one attendee has their data stolen, it could be devastating for your business.
Now that you have some ideas of where to look for weaknesses, next week we’ll look at ways to avoid and safeguard against these attacks.