Like so many other organisations, sports bodies rely heavily on having adequate IT and technology services to manage and operate their functions.
Such services are used, amongst other purposes, to collect and use key player statistics, operation of security systems at sporting venues as well as to help engage with fan interactions.
Owing to the disruptions caused by the COVID-19 pandemic, sports organisations are becoming increasing more dependent on the use of digital and technological services in order to continue reaching out to their fans, sponsors interaction, as well internal communication between staff members, players and coaches alike.
Given the fact that the sports industry is seen as being a financially powerful industry, such industry is more susceptible than others to falling foul of a cyber-attack.
As a result of this threat, cyber security is of an ever-increasing importance to sports organisations, since losing access to data, IT or technology can have a catastrophic impact on such organisation.
Unfortunately, cyber-attacks against sports organisations are on the rise, with a recent National Cyber Security Centre (UK) report finding that 70 per cent of sports organisations surveyed within the United Kingdom alone reportedly experience at least one cyber-attack a year.
Sport is heavily reliant on digital technology.
Sport clubs and organisations hold a significant amount of sensitive personal data and process millions of financial transactions every year, mostly online via the sale of match day tickets, club merchandise as well as bookings for corporate events and stadium tours.
One also finds sports organisations who own and operate large sporting venues which are rigged up to a complex digital network that control turnstiles, security cameras and storage of such footage, point of sale equipment as well as alarms situated across the venue to name a few.
Almost all sport organisations have a website or blog, social media platforms and hold digital records containing personal information about customers, staff and customers. Such systems usually also allow one to make bookings, payments or purchases over such sites.
Cyber threats vary in terms of type and effectiveness.
In the majority of cases, such threats come from cyber criminals who have a financial motive behind such attacks. With the constant evolvement of technology development, cyber criminals manage to find new and more sophisticated ways to target such organisations.
Business email compromise (BEC) is found to be one of the biggest cyber threat to sports organisations. This involves an attacker obtaining access to one’s business email account and imitates one or more individuals with the aim of defrauding a business or its partners or obtaining valuable information for one’s gain.
Such technique is low cost and can potentially reap a high return for the cybercriminal.
Another common threat is cyber-enabled fraud, which is fraud facilitated by cyber technology.
This often relies upon social engineering (normally phishing) to trick somebody into making mistakes, such as using a forged sender address to an email to convince the recipient that such email is genuine.
Another type of cyber threat is ransomware, which is a type of malware that prevents an individual or organisation from accessing data that is stored on their computer or device unless one pays ransom price, often set at quite an exaggerated amount of money.
Sports organisations need to be on a constant vigil to avoid such cyber-attacks. Doing nothing is not an option.
Sports organisations have at their disposal various effective and affordable ways to help reduce their exposure to many common types of cyber-attacks and help to protect the reputation of their organisation as well as potential loss of income and vital data.
Sport organisations should ensure that security training is provided to their employees and providing staff with clear cyber security policies to help staff understand how to maintain and implement security measures for data.
Associations should also invest in anti-malware defences to protect their systems and devises which are being used to collect, process and store data. Such anti-malware systems should be constantly updated to cater for new threats and viruses.
Sport organisations should also seek to have backups, possibly on cloud storage.
Sport today is reliant more than ever on personal data as well as on technology.
Such dependence will continue to grow over the months and years to come, especially in view of the sudden rise in popularity concerning e-commerce and e-sports.
Only strong and efficient cybersecurity programmes and solutions can help to reduce the chances of sports organisations falling foul of cyber-attacks.