Learning with TBOE

Michelle Price talks cyber security at The Business of Events Conference

The time for cyber security is now, says Australian expert

Posted on May 15th, 2019 in Event News, Event Safety, Event Security

Security was a hot topic at the 2019 The Business of Events conference. In the morning of the first day, we heard from Danny Baade about the importance of protecting crowded spaces which was followed by a talk on cyber attacks and their effects on business in Australia and events around the world.

Teaching us about the dangers and the resources available to help was Michelle Price, CEO of AustCyber, who was responsible for writing the national cyber security strategy for Malcolm Turnbull’s government.

The high risk of cyber attacks in Australia

While we all like to think that we, personally and professionally, aren’t likely to be targeted, the fact is that in Australia we are all high-risk targets. And, as event organisers, one of our main roles is to manage risk – both for the event itself and for our guests.

The main reason that Australia is a high-profile target is simple: we’re a very rich nation.

Michelle said, “Our superannuation industry in Australia is the largest in the world. At any given time, it is worth a trillion dollars. But, actually, the total value of the assets in our superannuation system is worth $3 trillion. That’s a prize to go after.”

“It is one of the reasons why we are as a country are the number one per capita target for malicious software deployment in the world. We’ve got a heck of a lot of money sitting in bank accounts, trust funds and superannuation funds in this country.”

What does this mean for event organisers?

Cyber criminals are constantly looking for a weak link that allows them access to information. Even if you think there’s nothing of value in your event per se, there may well be information about one of your attendees – their personal phone number, address, date of birth or even credit card details – that is of high value.

Michelle said, “If your organisation is running an event that has that an individual attending with a wealth fund worth $17m and there’s a malicious actor who wants that $17m, they can scan and see that your system is not protected. If they come across that person’s name, they will go through your system as another avenue to try to attack.”

“I’m not talking about the technicality of how these things take place, but that’s an example of how your sector can be used as a kind of transition point. Malicious actors bounce around the internet and network architecture to be able to find the most straight forward, the most cost-effective way for them, to be able to access information.”

Events can also be targeted

With technology so prevalent in how we do our jobs, we have to be vigilant every step of the way. It’s unlikely that you’ll be aware of an attack until it’s too late and this can damage your marketing, your sales or even the event itself.

In Australia, it takes an average of around 200 days from the breach to when you find out about it. In almost all cases, you only become aware of it because another organisation makes you aware of it.

But why would your event be a target? There are many reasons. From something as simple as a prank to someone who takes umbrage at your event – because of your industry, political stance or one of your speakers – something the most innocent-looking conference can be in the news for all the wrong reasons.

The scary thing is that this is happening in today’s event space.

Michelle said, “There are conferences around the world where they’ve been maliciously attacked. Devices can be hacked and, all of a sudden, instead of me being up on the screen, it’s a completely different thing. It is not sci-fi, this is a reality now.”

“It could be having Mark Zuckerberg speaking at your event and someone has a raging campaign against the Zuck. The motivations for why people are wanting to do this are very broad.”

What’s the first thing you should do? 

Pre-empting the question of what event organisers can do to increase their cyber security, Michelle emphasised the importance of having different, hard-to-guess passwords for every account. To improve security even further, you should make sure that you and everyone on your team uses a password manager, such as LastPass.

Michelle said, “That complex, unique password for every different account you have online, every different presence you have online, is your number one defence. It makes it infinitely harder for an attacker to get at you over someone who does not have complex password.”

“Don’t use password123 for everything; that can get hacked in a millisecond. Because of the speed at which this is happening, if you’re hard to get to within a couple of minutes, they’ll move onto the next. if you’re doing that at an enterprise level, your organisation becomes one that is less targeted than the one next door that does not use complex passwords.”

For more free advice around cyber security for yourself, your organisation and your events, visit austcyber.com.

Want more content like this? Sign up to our free e-newsletter and receive more articles like this, tips and how-to’s, savings or other subscriber-worthy incentives.

We use cookies to ensure that we give you the best experience on our website. You can view our privacy policy by clicking here