Content

Cybersecurity should be No. 1 pick on NFL Draft Day

As the NFL Draft goes virtual today during the COVID-19 pandemic, the buzz is as much about cybersecurity as it is about whether LSU quarterback and Heisman Trophy winner Joe Burrow will be the number one draft pick.

OK, that might be an exaggeration, but cybersecurity is taking front and center at the now virtual event as the use of new apps, multiple devices and Zoom teleconferencing make teams and the event itself more vulnerable to hackers and mischief makers.

“All eyes will indeed be on the NFL draft. It appears that contingencies are in place and there has been a dry run,” said Thycotic CISO Terence Jackson, adding that no solution, though, is 100 percent effective. “Draft day will be the best day of some of these players lives and it is up to the IT and security professionals to make sure it’s not marred by a cyberattack.”

During this year’s draft, GMs will submit their picks to NFL Commissioner Roger Goodell, working from his home basement, by phone or online. And instead of standing in a holding area behind the scenes, draft picks will be waiting remotely and using Zoom to communicate and react to their fates.

“As team personnel collaborate on Draft Day, they will be sharing data between multiple devices; exemplifying how employees access data fluidly between traditional endpoints and mobile devices with the adoption of cloud-based technologies,” noted Hank Schless, senior manager, security solutions, at Lookout.

Mischief-makers often disrupt Draft Day proceedings – witness fans from opposing teams booing and throwing objects. Those intentions along with the privacy concerns over Zoom could open the door to shenanigans and worse.

While “NFL picks aren’t what we traditionally associate with valuable corporate data, however, they could be highly valuable to a malicious actor on Draft Day,” said Schless. “Having this data stolen and shared out to the world ahead of that team’s pick could alter the future of their organization.”

To protect the draft, cybersecurity firm CRITICALSTARTadvises teams and the NFL to: 

  1. Leverage both strong passwords and multifactor authentication for meetings channels.
  2. Scrutinize every email.
  3. If using Zoom, follow corporate best practices.
  4. Tightly manage your social media channels. 
  5. Scrutinize all your communications.

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.