SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Cybersecurity
#
GlobalData
#
NDI
Rugy World Cup highlights needs for cybersecurity
Fri, 29th Sep 2023
Author image
By Shannon Williams, Journalist
Follow us

The Rugby World Cup is currently taking place, during which teams, associations, and venues will share and process vast amounts of sensitive information which is extremely valuable to cyber criminals.

This, and other major sporting events, are extremely vulnerable to cyber attacks, especially from bad actors with financial motives.
 
GlobalData's newly released Cybersecurity in Sport report warns that sport will become an increasingly common target for cyberattacks. 

The world of sports is an extremely lucrative one and, therefore is a prime target for hackers as enormous sums of money and confidential information from this industry could be used for potential ransoms. While the word of sport has largely been able to keep these threats at bay, increasing sophistication from hacker groups may force adaptation to this.

With 70% of sports organisations experiencing a cyber incident per annum, major events such as the Rugby World Cup face an even higher threat. For example, many fall victim to spear-phishing, whereby usernames and passwords are obtained from staff and attacks are aimed at those in senior roles who can authorise financial transactions.
 
Niall McConachie, regional director (UK & Ireland) at Yubico, explains how sporting organisations can best prevent these phishing attacks with effective cyber security practices such as phishing-resistant multi-factor authentication.
 
"Previous business email compromises (BEC) around major sporting events underscore the urgency for enterprises to establish and enforce human-centric security best practices that are supported by modern phishing-resistant MFA," he says. 

"Traditional password-based authentication has proven insufficient in the face of these evolving threats, and as email-based phishing attacks grow in sophistication and targeting, even tech-savvy individuals can fall victim."
 
To effectively mitigate these types of attacks around major sporting events, McConachie says organisations should implement passwordless cybersecurity such as strong two-factor authentication (2FA) or MFA. 

"By removing the need for passwords, strong 2FA and MFA are more user-friendly and bridge the gap between personal and professional data security. Phishing-resistant FIDO2 security keys, for example, have proven to be the most effective option to keep businesses and people secure online," he says.
 
McConachie says Phishing-resistant MFA, that comes in the form of a FIDO2 security key, helps organisations better protect online accounts without relying on the user's vigilance. 

"Unlike conventional MFA methods vulnerable to phishing, this approach focuses on identity verification and intent through deliberate action," he says. 

"While common, passwords, SMS, OTPs, security questions, and push notifications are susceptible to various attacks. By adopting phishing-resistant MFA, sporting organisations can protect digital identities against evolving threats and safeguard sensitive information."

Related stories
Smarttech247 & SentinelOne launch AI-powered cybersecurity for SMEs
GitHub's 2FA initiative helps secure software supply chain
Jason Haddix joins Flare as Field Chief Information Security Officer
AI tools linked to data exposure in 1 in 5 UK organisations
Trend Micro introduces AI-driven cyber risk management features
Top stories
Zscaler introduces enhanced ZDX service for improved IT operations
The importance of cybersecurity training for software developers
HID acknowledged as Leader in Gartner Magic Quadrant for Indoor Location Services
Exclusive: How Darktrace is tackling AI-driven cybersecurity
Record ransomware attacks in March 2024, report finds