How meeting profs can keep event data safe with the latest cybersecurity tools
You don’t want to be the next data leak to hit the headlines. Maintaining the security and protection of your organization’s information is a requirement for producing a successful event. Your attendees trust you and are counting on you to treat their information with the utmost care. Ever-evolving malware and ransomware pose growing threats to that sensitive information. You need a trusted cybersecurity program to prevent potentially costly compromises. But what to do?
Smart Meetings spoke with Ari Schwartz, former senior director of cybersecurity at the White House (he worked on technology policy during the Obama administration), and current managing director of cybersecurity services for Venable Cybersecurity Risk Management Group, to discuss best security practices meeting planners should consider in 2023.
Trust in the Cloud
The best way to protect the data of your event and beyond is to make sure you have proper encryption, says Schwartz. That starts with monitoring how and where data is downloaded. USB sticks can be compromised if plugged into a suspect computer. “You run the risk from the different laptops that you use it on,” he says.
Schwartz encouraged planners to look towards cloud storage to prevent possible issues. “I think sometimes people are wary of the cloud, but with the cloud you’re using reputable vendors. They’re investing more in security than you ever could,” he says.
Statistically, the chances of a major cloud incident are low. According to Schwartz, a car or plane crash are far more common than a major security incident in the cloud. “We don’t read about a lot of cloud incidents because they generally have really good security. When you do read about it, it’s something terrible.”
Read More: 10 Important Technology Questions to Ask in Your Next RFP
The most recent data breach involved a Washington, D.C.-based healthcare provider that exposed the data of 56,415 individuals including federal legislators and their families. Hackers on the dark web attempted to sell the private information. It was later confirmed by House Leader Kevin McCarthy and Minority Leader Hakim Jefferies that the FBI had purchased the information.
Regardless of the type of cybersecurity planners pick for their event, the success of the security is dependent on the identification authentication process. Multifactor authentication and redundant trained staffing can go a long way to keeping information secure.
“If you’re dependent on one person to get access, and you use multi-factor authentication, and it’s encrypted, you can lose all the data too. Back it up somewhere and keep that encrypted too. But it still comes down to the authentication and key management question, which can be complicated.”
Lockdown Your Laptops
For in-person events that require staff to use laptops and tablets to look up attendee information, or any other info, keep them under lock and key. “Account for all the devices, who has them, how they’re using them, and that they’re trained properly.”
Another smart tip. Don’t let staff download prohibited games onto company devices. It runs the risk of your computer or tablet getting malware and giving hackers the keys to your data.
Improved Public Wi-Fi
One thing that Schwartz noted that meeting planners can be thankful for is the improvement public Wi-Fi. “Public Wi-Fi security has gotten better. That’s helpful for meeting spaces and people because you have less one less thing to worry about,” Schwartz says.
Read More: Smart Tech: When Good Technology Goes Bad
You still need to do some homework. “You want to make sure you have secure modern Wi-Fi. Make sure you’re using the latest standards to communicate,” he says.
Secure internet (with password protection) will help attendees feel more comfortable logging on.
Prevent Monitoring at Events Overseas
If you’re hosting or attending an event overseas in China, Ukraine or Russia, Schwartz suggested bringing a new, blank device that doesn’t connect back to your old information. “Ideally, you’re just pulling down your email from there, rather than having access to everything,” Schwartz says.
If you are traveling to a country where you run of a high risk of being monitored, a clean device may be your best bet.
One important feature Schwartz recommended for planners is a broker to find the best cyber insurance for your event.
Cyber liability insurance typically covers areas such as crisis management expenses, business interruption and cyber extortion. Insurance agencies, like Amtrust Financial, allow for planners to customize their insurance options to include cyber liability. This takes one more thing off your plate.
“Find an insurance broker that knows cybersecurity. They should be able to give you a range of what insurance costs. It limits your liability in the space and limits your risk.”