Virtual Roundtable: Live Event Companies Must be Proactive in Managing Network Security Risks
By Jaisica Lapsiwala
More devices connected to the network, increased wireless access, and a steep increase in the volume of content and data can leave room for temptation from outside attackers. Security, however, is not just about hacks and stolen data, it's important to fix internal flaws and embed best security practice to avoid accidental errors and protect yourself from both insider and outsider threats.
With so much going on, knowing where to start and what you should secure can be confusing.
AVIXA™ spoke to a panel of experts about the need for secure systems when planning and executing a live event and how to mitigate the risk.
Post-COVID-19, what does the future of live events look like and what will the impact be on best practice security?
Matt Harvey, VP of Specialty Services, PSAV, USA, “Security is going to be important and we're going to see a huge amount of hybrid events where smaller groups of people will meet more locally, but potentially small groups connected across the world. That produces a lot of different logistical challenges in terms of how you manage an event like that, and places much more reliance on the network and the internet, particularly in terms of how you move content on video around efficiently and there is a security aspect there.”
“The other thing we will need to be aware of in the hybrid world is redundancy in terms of backup equipment, backup bandwidth, and that's something that lots of venues don't necessarily have right now. Networks are built for guest Wi-Fi access and not for production use and it is important for event planners to understand what the capabilities of the network are from a production perspective, particularly around backups and redundancy.”
“A very worrisome thing when we move more virtually is deep fakes.”
John Pescatore
Director, Emerging Security Trends, SANS Institute, USA
Agreeing with Harvey, Paul Zielie, CTS-D, CTS-I, IT and AV Systems Engineer, AVCoIP, USA, said, “The hybrid event is going to be increasingly important and that also includes potentially remote speakers and as this technology comes in, the big impact to event companies will be that, once you're dealing with content that's going in and out - depending on who's providing it, you are now inheriting the security requirements of your customer.”
John Pescatore, Director, Emerging Security Trends, SANS Institute, USA, added, “We've already seen in places like Singapore and China, which have opened up, that there is a requirement for attendees to show infection status. Whether it's contact tracing apps or other things, event holders will have a responsibility to stop infected people [from getting] into the event physically, so physical authentication is going to be a much bigger deal than it's been in the past.” He added, “Tied in with that, we're going to see the realization that another one of these can happen and we need to test our preparedness. We're all familiar with fire drills periodically. We're going to do remote drills and we're going to practice working from home.”
“A very worrisome thing when we move more virtually is deep fakes. People can modify the video to change what that person said in ways that many people will believe. So, for events the storage of video, the protection, the integrity services is more important than in the news industry, and I think when we start thinking about events moving from live to virtual and the level of the record being that captured video, that's going to rise up in importance.”
What can the live events industry do to be proactive rather than reactive when it comes to security?
The message from Zielie was clear and simple, “Think about it before you have a problem.”
Bart van Moorsel, European Solutions Design Specialist, Tech Data, Amsterdam, amplified the importance of a plan, “Build your knowledge on the topic. You need to know what is happening to understand and then make a plan.”
“Get … out of the straw houses that many businesses are in and … get to a stick house….”
John Pescatore
Director, Emerging Security Trends, SANS Institute, USA
Pescatore ended on a fairytale analogy with The Three Little Pigs and the Big Bad Wolf, “We don't need to do complicated risk analysis to say that straw houses are bad. We may want to ask, do we really need a stone house? Do your basic security hygiene - make security important and get the hell out of the straw houses that many businesses are in and at least get to a stick house, at least get to a standard level of hygiene.”
Watch the full roundtable discussion on Best Practice Security Measures for AV in Live Events.