Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
The NFL’s Super Bowl attracts millions of fans but also is an inviting cybersecurity target against corporate sponsors and the participating teams, cybersecurity professionals told Bloomberg BNA.
Companies looking to benefit from Super Bowl exposure need to be aware of the risks that go along with the heightened visibility, Jeremy Samide, chief executive officer of Ohio-based cybersecurity company Stealthcare LLC, told Bloomberg BNA Feb. 2. Hackers see the Super Bowl “as a treasure trove of information” and may take advantage of the increased exposure and influx of data, he said.
The Super Bowl is the NFL’s premier American game and has been the most watched TV event in the U.S. for decades, Bloomberg data show. Approximately 111.9 million viewers throughout the U.S. tuned in to watch the Denver Broncos beat the Carolina Panthers in the 2016 Super Bowl, the data indicate.
There is big money to be made by hackers if they are able to infiltrate the information technology systems of the NFL, one of its teams or corporate sponsors, such as Microsoft Corp., Verizon Communications Inc. and Anheuser-Busch InBev SA/NV. The Super Bowl alone can generate revenue of about $620 million, according to a report by Statista. On top of that, an estimated $15.5 billion was spent by consumers on Super Bowl-related purchases in 2016, the report said.
Other organizations that support the big game are at risk, such as the Houston Super Bowl Host Committee. NFL sponsors and partners that help put on the big game, such as Accenture Plc, Chevron Corp., General Electric Co. and Hess Corp., might introduce their own cybersecurity issues that might affect other companies in the supply chain, cybersecurity pros said.
The hype around the big game mainly focuses on the play on the football field and the millions of dollars in television ad revenue generated. Twenty-First Century Fox Inc. Executive Vice President Bruce Lefkowitz predicted to Bloomberg News that the upcoming Super Bowl game will be the largest revenue day in the company’s history. Fox is seeking $5 million for 30 seconds of airtime. But lurking behind the scenes are hackers and other wrongdoers who hope to cash in on valuable data collected by the NFL, its corporate sponsors and the football teams.
Although there are risks that hackers may disrupt the Super Bowl broadcast signal or take down critical infrastructure that support the big game, the biggest cybersecurity risk may rest with third party vendors, Peter Tran, general manager and senior director at cybersecurity solutions company RSA Security LLC, told Bloomberg BNA.
Samide agreed, saying that hackers may try to work their way into the more secure information technology infrastructure of the NFL or one of their larger corporate sponsors through weak cybersecurity potentially provided by a third party vendor, Samide said. Because of this, third party vendors and those they do business with “should double down on their cybersecurity measures,” he said.
The IT behind the Super Bowl, including ticketing systems, on-field performance data collection and television and radio broadcast signals, are mainly supported by third party vendors. Because the NFL and its partners work with multiple third party vendors that each have different IT infrastructures, there likely is an increased cybersecurity risk, including ransomware, distributed denial of service, malware and other attacks, surrounding the Super Bowl, the cybersecurity pros said.
The NFL and “each vendor” must check their systems to make sure “they aren’t the weakest link in the chain,” Tran said. If a vendor is the weakest link, it could cause reputational and material damage to its own profits as well as those further up the supply chain, he said.
There may be a “national digital deflate-gate debate” if there is a major cyberattack during the Super Bowl, Tran said, referencing the New England Patriots scandal over the alleged purposeful deflation of footballs that led to a four-game suspension of star quarterback Tom Brady.
The NFL told Bloomberg BNA Feb. 2 that it declined to comment. Representatives for the Houston Super Bowl Host Committee didn’t immediately respond to Bloomberg BNA’s e-mail request for comment.
Companies of all sizes that do business with the Super Bowl, and any other event of that magnitude, should implement encrypted communication methods, use two factor authentication, increase cybersecurity training for all employees, identify and classify sensitive data and develop an incident response plan, Samide said. Companies should continue the heightened awareness even after the Super Bowl because it may help prevent a hack attack, even unrelated to the big game, he said.
A Super Bowl cyberattack could also affect the play on the field, which could lead to reputational harm and lost profits for gambling venues and future ad revenues, Tran said. According to Statista, $132.5 million was wagered in Nevada on the 2016 Super Bowl.
Teams generally don’t think of themselves as a high value target for hackers, but the increase use of big data during game play has increased the cyberattack risk landscape for most NFL franchises, he said. If a team experiences a cyberattack, it could lead to a loss of integrity of the data which in turn may lead to lost revenues and decreasing viewership, Tran said.
To contact the reporter on this story: Daniel R. Stoller in Washington at firstname.lastname@example.org
To contact the editor responsible for this story: Donald Aplin at email@example.com
Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to firstname.lastname@example.org.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to email@example.com.
Put me on standing order
Notify me when new releases are available (no standing order will be created)