Cyber Security for Sport Organisations

Cyber Security for Sport Organisations

On this page you will find links to a wide range of guidance notes and tools that are designed to support individuals and organisations when it comes to enhancing cyber security awareness and practices.

Many of these have been provided by the National Cyber Security Centre – a Governmental organisation that provides a unified source of advice, guidance and support on cyber security.

Research carried out by the NCSC on the matter of Cyber Threat to Sport Organisations highlighted the alarmingly high prevalence of cyber threats to the sport sector – and identified key areas in need of review.

To help find out how resilient your organisation is to a cyber attack, and how ready it is to respond to cyber incidences, you may wish to take advantage of this free online service (registration required). You will receive a tailored report – helping you identify your next steps and pointing you towards the guidance which is most relevant for your organisation.

Exercise in a Box – NCSC.GOV.UK

Current situation in Ukraine

In light of the current situation in Ukraine, the NCSC has urged organisations of all sizes to follow its guidance on steps to take when the cyber threat is heightened.

The guidance can be viewed here – Actions to take when the cyber threat is heightened – NCSC.GOV.UK, it encourages organisations of all sizes to follow actionable steps that reduce the risk of falling victim to an attack.

While the NCSC is not aware of any current specific threats to UK organisations in relation to events in and around Ukraine, there has been an historical pattern of cyber attacks on Ukraine with international consequences.

Cyber Security for small businesses

Cyber security can seem like a daunting challenge for small business owners. This may be especially true for organisations that may not have the support of a dedicated IT team to lead a security strategy, and to call upon in the event of an incident. The simple steps outlined in the below guides could save time, money and even an organisation’s reputation.
https://www.ncsc.gov.uk/collection/small-business-guide
https://www.ncsc.gov.uk/collection/small-business-guidance–response-and-recovery/video-collection
https://www.ncsc.gov.uk/collection/small-business-guidance–response-and-recovery/resources
 
Home working during the pandemic

The shift towards virtual working has led to an increased incidence of cyber attacks and data breaches.  Here you will find technical and practical solutions to some of the additional challenges that comes with working from home.
https://www.ncsc.gov.uk/guidance/moving-business-from-physical-to-digital
https://www.ncsc.gov.uk/guidance/home-working
https://www.ncsc.gov.uk/guidance/video-conferencing-services-security-guidance-organisations
https://www.ncsc.gov.uk/blog-post/secure-home-working-personal-it
 
 Email Security & Phishing

Insufficient email security controls has been identified as one of the main concerns when it comes to cyber security in the sport sector. At the same time, cyber criminals are becoming increasingly sophisticated when it comes to threats such as phishing and spoof emails.

These guides suggest ways to secure your organisations email systems, and also give advice on how to spot, deal with, and protect against potentially harmful emails.
https://www.ncsc.gov.uk/guidance/suspicious-email-actions
https://www.ncsc.gov.uk/information/report-suspicious-emails
https://www.ncsc.gov.uk/collection/email-security-and-anti-spoofing
https://www.ncsc.gov.uk/guidance/phishing

You may also wish to use the below service to check whether your email has been subject to a data breach. They can also notify you if you are involved in any future breaches.

Have I Been Pwned: Check if your email has been compromised in a data breach

Passwords and MFA

It is well established that good password hygiene is one of the most basic strategies when it comes to cyber security. Despite this, it is still often overlooked. Here you will find password strategies that can help your organisation remain secure. This includes the use of Multi-Factor-Authentication as an additional safeguard against unauthorised access.
https://www.ncsc.gov.uk/guidance/multi-factor-authentication-online-services
https://www.ncsc.gov.uk/collection/passwords
https://www.ncsc.gov.uk/information/exercise-in-a-box
 
Risk Management

The NCSC emphasise that Risk Management should be more than a mere box-ticking exercise, and that many organisations’ strategy can be overly focused on compliance (e.g. GDPR) – rather than identifying and evaluating actual risks. Implementing an effective Risk Management strategy will help your organisation take a more targeted and pro-active approach to enhancing cyber security.
https://www.ncsc.gov.uk/collection/board-toolkit
https://www.ncsc.gov.uk/collection/board-toolkit/risk-management-for-cyber-security
https://www.ncsc.gov.uk/collection/caf/cyber-assessment-framework 
 
Office 365 Secure Configuration Guidance

The increase in cyber attacks has in part been facilitated by the increased popularity of Software-as-a-Service solutions, such as Office 365, which offers access to an organisation’s system from anywhere with a valid username and password.

Whilst this offers great practical benefits to an organisation – it is essential that these benefits are balanced with adequate security measures. Here you will find step by step guidance on Office 365 configuration to help optimise its security settings.
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2MHP5 (Step-by-step guidance on Office 365 configuration)
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview (Conditional Access)
 
Cyber Training

Staff empowerment is possibly the most effective tool when it comes to enhancing cyber security. Here is a free training course for staff that covers a variety of topics, such as phishing, password security, and how to secure devices.

https://www.ncsc.gov.uk/blog-post/ncsc-cyber-security-training-for-staff-now-available

NCSC have uploaded threat videos to their NCSC YouTube channel:

•           Ransomware: https://youtu.be/DWmMm5IhLDw

•           Phishing: https://youtu.be/NhaPVefCjDo

•           Security culture: https://youtu.be/Mz0VQx87xvc

Reporting incidents

Prompt reporting of any incidents can help minimise any damage or losses suffered to your organisation. For details on how to report an incident to the NSC, click below;
https://report.ncsc.gov.uk/

Zoom Video Conferencing training

Recorded training sessions available here

Cyber Learnings from the WSA

Cyber Learnings from the WSA

Our Partners

Start typing and press enter to search

Scroll to Top
Team Manager 1 – Online WSA Lunchtime Learning – Helping you Get on With Life (Personal Financial Planning) Team Manager 2 – Online Mental Health Awareness Course (3hours) Creating an Inclusive Culture in Sport – FREE member Networking Breakfast Sports Volunteer Research Focus Group NED & Senior Leadership Training 2 Leading Sport: Board Composition and Inclusive Leadership Team Manager 1 – Online Carbon Literacy Day 1 WSA Annual General Meeting 2024 Team Manager 2 – Online Carbon Literacy Day 2