By Jose Bort, CEO and co-founder, EventsCase
With the countdown to Event Tech Live 2019 now firmly underway, we’ve noted an absence of discussion around a subject that unites so many facets of the exhibiting floor.
While tech providers continue to avoid conversations around the impact of cybercrime on our venues and attendees, EventsCase has been tackling it head-on through a series of awareness-building exercises.
Our most recent contribution at Event Industry News focused on the rising threat of cyber criminals to the industry at large. Now, with the aim of shedding light on potential safeguarding measures, we want to raise awareness of how people prize data from our organisations.
Wi-Fi tends to be the root cause of many cyber-attacks on events. Most of these involve the use of a ‘MiTM’ (man in the middle) to observe or manipulate traffic passing through a router. From here, it’s possible to lift sensitive information like passwords, credit card details and whatever else the user has inputted during their session. Ever been advised against using banking apps on public Wi-Fi? That’s MiTM for you.
Venues will be quick to highlight that not all attacks revolve around their provision of wireless internet access. Organisers have a duty to ensure their devices and software are equipped with the very latest versions of the programmes they’re running. Cyber criminals are on a constant lookout for old systems that give them a potential route into an organiser’s database. Given that so many of those pesky updates are designed to fix gaps in security, we’d consider them a benefit – rather than a burden – to your work.
Sometimes it’s even easier to gain access to an account holding reams of valuable data. The majority of passwords are highly specific, unique to the account and incredibly hard to guess. Even through the use of artificial intelligence. Nevertheless, from our own knowledge of recent attacks on devices and event management software, the days of ‘1234’, ‘ABCD’ and ‘password’ have not died out just yet.
How do you solve a problem like cybercrime? Well, for the benefit of all the small-to-medium-sized organisations that want to avoid hiring a dedicated security officer, it’s easier than you think. For wi-fi vulnerabilities, make sure you are making logs of all connections to the router. This will help the person monitoring your network to identify any MiTM attacks. A separate, private connection is absolutely vital for your on-site devices.
It’s then a case of keeping your own house in order by updating your software and passwords on a frequent basis. If you’re using an event management platform – the main gathering point for attendee data – be sure to ask how often it goes through perimetrical security tests. These rely on the use of a neutral, unbiased party to examine any routes into your servers.
Cyber criminals are becoming increasingly sophisticated, but don’t assume that you can’t safeguard your data with some very simple steps. Even basic decisions, like your choice of event management platform, can drastically impact your chances of being targeted. No one can ensure 100% protection against cyber criminals. But if everyday checks and actions take us to 80%, that has to count for something.
If you’re attending Event Tech Live between 6th-7th November and need further insight on protecting your data, head to EventsCase at stand 1105.
This content is sponsored by EventsCase.