Why cyber security in sports is more important than ever in 2023

As technology plays an increasingly integral role in sports, from athlete performance monitoring to fan engagement, the importance of cybersecurity in the sports industry has become paramount.

While sports organizations have long focused on physical security, the rise of cyber threats creates new challenges that must be addressed. At least 70% of sports organizations have experienced cyber incidents or breaches.^1: Targeted by cybercriminals.

• athlete data
• fan data
• authority
• infrastructure that powers sports organizations

This article will examine the unique cybersecurity risks facing the sports industry and explore strategies that sports organizations can implement to protect themselves and their stakeholders from cyber threats.

Why do we need cyber security in sport?

According to the report, nearly all sports organizations have websites, social media accounts and digital files that collect personal information about customers, employees and volunteers. According to the National Cyber ​​Security Center, more than 80% of respondents have online business systems that enable customers to order, pay, or shop online (see Figure 1). ^2: Cyber ​​security should be seen as crucial given the prevalence of technology in sports.

Source: National Cyber ​​Security Center^3:

Figure 1: Which of the following, if any, does your organization currently have or use?

1- Protection of sensitive data

Sports organizations collect and store sensitive data, including athlete and fan data, financial data and intellectual property. Cyber ​​security is important to protect this data from unauthorized access, theft or manipulation by cybercriminals.

2- Reputation management

A cyberattack on a sports organization can cause significant reputational damage, resulting in financial losses and loss of fan trust. Cyber ​​security measures can help prevent such incidents and mitigate their impact if they do occur.

Fans expect their personal information to be protected and their interactions with sports organizations secure. Sports organizations can build and maintain fan trust by prioritizing cybersecurity and increasing engagement and revenue. This is also important for reputation management.

3- Operational continuity

A cyber attack on a sports organization’s infrastructure can disrupt operations and result in significant financial losses. By implementing cybersecurity measures, sports organizations can ensure business continuity, minimize the risk of downtime and increase revenue. ^4:

4- Compliance with regulations

Sports organizations are subject to various data privacy and security regulations (eg GDPR). By implementing cybersecurity measures, sports organizations can ensure compliance with these regulations and avoid fines or legal issues.

Top 5 Cyber ​​Security Use Cases in Sports

1-Protects athletes’ data

Athlete data, such as medical records and performance statistics, is valuable information that can be targeted by cybercriminals. For example, in 2016, the World Anti-Doping Agency (WADA) was hacked and sensitive athlete data was leaked.^5:00 The incident led to public embarrassment for the athletes and the organization. The attack on WADA is characterized as a “spear” attack.^6:00

Sports organizations must ensure that athlete data is properly secured and access is strictly controlled to prevent similar incidents. Education about phishing attempts is a good defense against this form of cyberattack. Prevention of these attacks can be done by knowing the phishing email. about the appearance of letters.

2-Provision of online ticket sales

Online ticket sales are a common target for cybercriminals. Hackers can use phishing attacks to obtain credit card information or use bots to buy tickets in bulk and resell them at inflated prices. Reports of ticket fraud have doubled since 2022, and the resale value of online tickets for almost any sporting event is known to fluctuate wildly.^7:00

Sports events make up the largest segment of global event ticketing, and it has a projected market size of over $28 billion by 2023.^{8 o’clock} Sports organizations must ensure the security of their online ticketing systems and use two-factor authentication and fraud detection measures to prevent fraudulent purchases.

3-Prevention of game day cyberattacks

Cyber ​​attacks on game day can disrupt operations, cause financial losses and potentially put athletes and spectators at risk. An example of such matchday disruptions recently occurred during the 2022 World Cup semi-final between France and Morocco. Due to loading difficulties in the app, the outage caused problems for some FuboTV subscribers to watch the full game. FuboTV claimed the outage was due to a cyber attack.^9:00 Sports organizations should have contingency plans in place to prevent similar incidents and ensure their critical infrastructure is properly secured.

4-Providing broadcasting infrastructure

Broadcast infrastructure is a valuable target for cybercriminals who can disrupt live streams or steal valuable intellectual property. For example, in 2015, the French broadcaster closed 12 channels and leaked sensitive information.^10:00 Sports organizations should secure their broadcast infrastructure and be regularly audited for vulnerabilities to prevent similar incidents.

5-Fan data protection

Sports organizations collect fan data through online purchases, loyalty programs and social media interactions. Fans are prone to phishing scams via mobile apps, and remote systems are open to hackers. ^11:00 Man-in attacks are also possible on public wireless networks.

This data can be targeted by cybercriminals and used for identity theft or other malicious purposes. Sports organizations must ensure that fan data is properly secured and access is strictly controlled.

See Figure 2 for an overview of attack trends.

Source: National Cyber ​​Security Center^12:00

Figure 2: Attack Trends – Percentage of organizations reporting attack activity

What are the challenges of cyber security in sports?

1- Rapidly evolving threats

Cyber ​​threats are constantly evolving, making it difficult for sports organizations to keep up with the latest threats and vulnerabilities. Attackers are constantly looking for new ways to exploit system weaknesses, making it difficult for sports organizations to have strong cybersecurity measures in place.

2- Complex supply chains

Sports organizations often work with multiple vendors and partners, creating a complex supply chain. This can make it difficult to ensure that all parties have adequate cyber security measures in place and that there are no vulnerabilities in the supply chain.

3- Limited resources

Many sports organizations have limited resources to devote to cybersecurity, especially smaller organizations or organizations with limited budgets. This can make it difficult to implement and maintain strong cybersecurity measures.

4- Legacy systems

Some sports organizations may still use legacy systems that are not designed for modern cyber security practices. These systems can be difficult to secure and more vulnerable to cyber attacks.

5- Lack of awareness

Not all members of a sports organization may be aware of the importance of cyber security or good cyber hygiene. This can lead to human error or unintentional vulnerabilities.

6- Cultural challenges

Some sports organizations may have a culture that does not prioritize cybersecurity or may view cybersecurity as a barrier to innovation or performance. Implementing strong cybersecurity measures or stakeholder input can make it difficult.

If you have additional questions, contact us.

Find the right vendors

1. National Cyber ​​Security Center “Cyber ​​Threat to Sports Organizations” 2020
2. National Cyber ​​Security Center “Cyber ​​Threat to Sports Organizations” 2020
3. National Cyber ​​Security Center “Cyber ​​Threat to Sports Organizations” 2020
4. Stephanie Jenkins, Nathaniel Evans, “Cybersecurity Implications of Data Growth in Sports”, Proc. SPIE 11417, Cyber ​​Sensing 2020, 114170H (28 April 2020)
5. CNN: “Russian Hackers Release Secret Data of 25 More Olympic Athletes,” September 15, 2016.
6. Greenwald, Max, “Cybersecurity in Sports” Privacy and Ethics Issues, Tufts University, December 2017
7. Cybermagazine “Ticket Fraud Reports Double Since 2022” September 26, 2022
8. A statisticianEvent Tickets – Worldwide, 2023
9. SBJ: “FuboTV Says Cyber ​​Attack Was Behind Major Outage During World Cup Semi-Final Game” December 15, 2022
10. The Guardian:“French media groups to hold emergency meeting after IS cyber attack” April 9, 2015.
11. Stephanie Jenkins, Nathaniel Evans, “The growing threat of cyber security attacks in sports”, Proc. SPIE 10630, Cyber ​​Sensing 2018, 1063003 (3 May 2018)
12. National Cyber ​​Security Center “Cyber ​​Threat to Sports Organizations” 2020