Cyber Security for Sport Organisations
On this page you will find links to a wide range of guidance notes and tools that are designed to support individuals and organisations when it comes to enhancing cyber security awareness and practices.
Many of these have been provided by the National Cyber Security Centre – a Governmental organisation that provides a unified source of advice, guidance and support on cyber security.
Research carried out by the NCSC on the matter of Cyber Threat to Sport Organisations highlighted the alarmingly high prevalence of cyber threats to the sport sector – and identified key areas in need of review.
To help find out how resilient your organisation is to a cyber attack, and how ready it is to respond to cyber incidences, you may wish to take advantage of this free online service (registration required). You will receive a tailored report – helping you identify your next steps and pointing you towards the guidance which is most relevant for your organisation.
Current situation in Ukraine
In light of the current situation in Ukraine, the NCSC has urged organisations of all sizes to follow its guidance on steps to take when the cyber threat is heightened.
The guidance can be viewed here – Actions to take when the cyber threat is heightened – NCSC.GOV.UK, it encourages organisations of all sizes to follow actionable steps that reduce the risk of falling victim to an attack.
While the NCSC is not aware of any current specific threats to UK organisations in relation to events in and around Ukraine, there has been an historical pattern of cyber attacks on Ukraine with international consequences.
Cyber Security for small businesses
Cyber security can seem like a daunting challenge for small business owners. This may be especially true for organisations that may not have the support of a dedicated IT team to lead a security strategy, and to call upon in the event of an incident. The simple steps outlined in the below guides could save time, money and even an organisation’s reputation.
Home working during the pandemic
The shift towards virtual working has led to an increased incidence of cyber attacks and data breaches. Here you will find technical and practical solutions to some of the additional challenges that comes with working from home.
Email Security & Phishing
Insufficient email security controls has been identified as one of the main concerns when it comes to cyber security in the sport sector. At the same time, cyber criminals are becoming increasingly sophisticated when it comes to threats such as phishing and spoof emails.
These guides suggest ways to secure your organisations email systems, and also give advice on how to spot, deal with, and protect against potentially harmful emails.
You may also wish to use the below service to check whether your email has been subject to a data breach. They can also notify you if you are involved in any future breaches.
Passwords and MFA
It is well established that good password hygiene is one of the most basic strategies when it comes to cyber security. Despite this, it is still often overlooked. Here you will find password strategies that can help your organisation remain secure. This includes the use of Multi-Factor-Authentication as an additional safeguard against unauthorised access.
The NCSC emphasise that Risk Management should be more than a mere box-ticking exercise, and that many organisations’ strategy can be overly focused on compliance (e.g. GDPR) – rather than identifying and evaluating actual risks. Implementing an effective Risk Management strategy will help your organisation take a more targeted and pro-active approach to enhancing cyber security.
Office 365 Secure Configuration Guidance
The increase in cyber attacks has in part been facilitated by the increased popularity of Software-as-a-Service solutions, such as Office 365, which offers access to an organisation’s system from anywhere with a valid username and password.
Whilst this offers great practical benefits to an organisation – it is essential that these benefits are balanced with adequate security measures. Here you will find step by step guidance on Office 365 configuration to help optimise its security settings.
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2MHP5 (Step-by-step guidance on Office 365 configuration)
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview (Conditional Access)
Staff empowerment is possibly the most effective tool when it comes to enhancing cyber security. Here is a free training course for staff that covers a variety of topics, such as phishing, password security, and how to secure devices.
NCSC have uploaded threat videos to their NCSC YouTube channel:
• Ransomware: https://youtu.be/DWmMm5IhLDw
• Phishing: https://youtu.be/NhaPVefCjDo
• Security culture: https://youtu.be/Mz0VQx87xvc
Prompt reporting of any incidents can help minimise any damage or losses suffered to your organisation. For details on how to report an incident to the NSC, click below;
Zoom Video Conferencing training
Cyber Learnings from the WSA