Rugby World Cup reflects need for heightened cybersecurity around sport
James Thorpe
Share this content
Throughout the Rugby World Cup, off the pitch, cybersecurity was a major priority.
Teams, associations and venues were sharing and processing vast amounts of sensitive information – which is extremely valuable to cyber-criminals.
Rugby World Cup facing threats
The Rugby World Cup, like many other major sporting events, was an event extremely vulnerable to cyber-attacks, especially from bad actors with financial motives.
According to the Cybersecurity in Sport report published by GlobalData, sport will become an increasingly common target for cyber-attacks.
In fact, 70% of sports organisations are experiencing a cyber-incident per annum – and major events such as the Rugby World Cup face an even higher threat.
Niall McConachie, Regional Director (UK & Ireland), Yubico explains how sporting organisations can best prevent these phishing attacks: “Previous business email compromises (BEC) around major sporting events underscore the urgency for enterprises to establish and enforce human-centric security best practices that are supported by modern phishing-resistant MFA.
“Traditional password-based authentication has proven insufficient in the face of these evolving threats and as email-based phishing attacks grow in sophistication and targeting, even tech-savvy individuals can fall victim.
“To effectively mitigate these types of attacks around major sporting events, organisations should implement passwordless cybersecurity such as strong two-factor authentication (2FA) or MFA.
“By removing the need for passwords, strong 2FA and MFA are more user friendly and bridge the gap between personal and professional data security.”
“The most effective option”
McConachie added: “Phishing-resistant FIDO2 security keys, for example, have proven to be the most effective option to keep businesses and people secure online.
“Phishing-resistant MFA, that comes in the form of a FIDO2 security key, helps organisations better protect online accounts without relying on the user’s vigilance.
“Unlike conventional MFA methods vulnerable to phishing, this approach focuses on identity verification and intent through deliberate action.
“While common, passwords, SMS, OTPs, security questions and push notifications are susceptible to various attacks.
“By adopting phishing-resistant MFA, sporting organisations can protect digital identities against evolving threats and safeguard sensitive information.”