Newsflash: Most event organizers spend more time worrying about physical security for their conferences rather than the disruptor that can really impact it: hackers. Why? Because they think everyone else has cybersecurity handled, from the hotel to the AV/IT company they hired.
Truth be told, you need to start weaving the right cybersecurity measures into your event. And not next year, next quarter or next month. You need to do it today.
Hackers are constantly looking for easy-to-crack networks where data is plentiful. These bad actors have one or more agenda items in mind, including:
• Stealing the identities of your attendees
• Carrying on corporate espionage
• Practicing for larger hacks
• Damaging the reputation of your organization and/or one of your speakers
• Holding your data hostage for ransomware
This post will explore the ways they move into your meeting and what you can do to keep them at bay.
How Hackers Hack
The easiest way for cybercriminals to get into your data is through the hotel or conference center’s Wi-Fi system. These routers generally have low encryption levels.
However, if this method is unsuccessful, they will set up hot spots with names that look very similar to the venue’s ISP. For example, if you are meeting at the Jacob K. Javits Convention Center in Manhattan, the venue might have a Wi-Fi name of JavitsCC. A criminal will set up hot spot name of JavtsCC (without the i) and an unsuspecting person will log onto the wrong system.
Seven Prevention Measures
Jim Spellos, Owner of Meeting U. and I offer the following security suggestions:
1. Make it a prerequisite that anti-virus software is on all devices at the event.
My recommendation is to check at registration all meeting participant devices for current versions of the OS, apps and anti-virus programs.
2. Check to see if the venue to has end-to-end encryption.
While it is somewhat unlikely they will, if planners keep asking for it, venue management will invest in it.
3. No end-to-end encryption? Tie all event devices to a VPN.
A Virtual Private Network installed on all attendees, exhibitors and event staff computers and smartphones will make it harder for cybercriminals to crack into your network because all activity is encrypted and invisible on the venue’s ISP.
4. Adhere to a strong passwords policy, get a facial recognition app or focus on two-factor authentication.
5. Use intelligent badges.
Just like government employees, each badge will have a microchip that allows individuals into selected areas of the conference center. It is vital that everyone adhere to this policy, so bad actors can’t get into restricted areas due to lax enforcement of your policy.
6. Lock up rooms when not in use.
When attendees go on break or leave a room for lunch, the conference security detail needs to lock the room, or if that is not possible, each attendee must take their devices with them. It only takes a few seconds to steal a laptop and according to the FBI, cybercriminals can hack into a laptop in roughly 40 seconds.
7. Run a vulnerability test of the system thirty days before the event and put preventative measures in place before attendees arrive.
Brought to You by Shellproof Security
We understand a breach of a single attendee’s data can be enough to tarnish your event. We work together with you to adequately protect your meeting from the toughest cyber foes. Call us at 212-887-1600 to speak to one of our knowledgeable team members about vulnerability testing, assessments, monitoring and training!