CYBER RISKS TO GOLF CLUBS PRESENTED BY: LEE NORIEGA MITCH FENTON
22.9 2018 Billion 3.5 TECHNOLOGY TRENDING Billion 2016 14.4 2.9 Billion Global Billion Social M Media Global Cybercrime 2014 Population • Established 2004 Annual Cost 7.125 • 12 years later… 2.5 $475 – $625 8.7 • Average 1.35 Billion Monthly Active Users Billion People Billion Billion • Average 703 Million Mobile Daily Active Users Billion 2012 Most Targeted Industries through Cyberspace in 2015 2.0 6.0 2010 Billion Billion 12% 14% 19% MANUFACTURING INFORMATION FINANCIAL 16% 15% 11% ENTERTAINMENT HEALTHCARE RETAIL & SPORTS Statistics from 2016 Verizon Data Breach Report and statista.com
IN THE NEWS February 7, 2015 Golf Club, Yuma, AZ: 41+ Unauthorized credit transactions March 8, 2015 Hotel, Montauk, NY: Website Defacement July 15, 2016 Golf Club, Yorkshire, England: £300,000 Wire Fraud August 16, 2016 Hotel & Golf Club, Fort Worth, TX: Part of massive breach resulting in credit card theft. The culprit was determined to be malware that had been in place since March 2015
CYBER THREATS SUPPLY CHAIN VULNERABILITY FOREIGN NATIONS NEGLIGENT USERS HACKTIVISTS WIRELESS ACCESS POINTS CRIMINAL REMOVABLE ELEMENTS MEDIA INSIDER TERRORIST ACTS THREATS
GOLF CLUB CYBER EXPOSURE RISKS VARIABLES Point of Sale (POS) Systems Networks Wireless Credit Cards Restaurants Local Area Network (LAN) Membership Information Lodging IP Cameras Financial Information Pro Shop Social Media Club Bank Accounts Reputational/Brand Damage 3 rd Party Vendors Employees HVAC Vendors Disgruntled Technology Vendors Colluding to Steal
PHYSICAL SECURITY THREATS Cybersecurity is NOT solely a technology problem. Protect your data center and computer terminals! • LOCKS: Only as good as your key control program. • Who has your keys? Are your doors commercial grade? Contractors use cheap material. • LIGHTS: Security lighting is not accent lighting. • CAMERAS: Pick a solid integrator. IP is great but keep them on a separate network. • FIRE SUPPRESSION: Water and technology do not mix! Use FM-200 near servers.
MYTH #1 – I’M A GOLF CLUB. I’M NOT A TARGET. Cyber criminals want the biggest bang for their buck. Reasons for this myth are: • Membership data is more valuable than you think • Cyber attacks are low risk and return high results • Unmonitored / unorganized networks are easier targets • Basic security tools are no match against today’s attacks
MYTH #2 – WE DON’T STORE PERSONAL IDENTIFIABLE INFORMATION (PII) Your golf club may not, but the cyber hacker doesn’t know that when they breach your network. When breached: • Your club may be a 3 rd party risk to other organizations • Your club may be used for nefarious purposes such as file storage • Your network may be used as a launch pad to go somewhere else • There is always information that can be used for subsequent or other attacks
MYTH #3 – WE’RE GOOD. WE HAVE A FIREWALL • A firewall is just one aspect to protecting your organization • A multi-layered approach to security is essential & based on people, processes, and technology • All organizations regardless of size should be ready to prevent, detect, and respond to today’s cyberattacks
MYTH #4 – WE DON’T HAVE A BUDGET FOR CYBER SECURITY. IT’S TOO EXPENSIVE Even the smallest golf clubs can implement enterprise-level protection on a budget. Low cost options: • Patch your software and applications – Regularly • Train your personnel – Empower them to be security aware • You don’t know what you don’t know. Monitor your network so management can make decisions based on current risk, not perceived risk
THE FALLOUT FROM A GOLF CLUB BREACH Members and employees entrust the golf club with their personal information. Mishandling this information can put your golf club at risk: • Reputational damage; loss of new and current membership • Financial damage; Breach expenses, (notifications, credit monitoring, legal fees) • Board reaction – Removing or firing of key personnel to so things are being done • Club passed over for key golf events (Private / Corporate Events, etc.) • Law Suits
Questions / Comments Thank You!
Recommend
More recommend
