Freely subscribe to our NEWSLETTER

Ilia Sotnikov, Security Strategist at Netwrix, explains what organisations involved in the Summer Games 2024 should do now to protect their business operations:

“Cybercriminals are adept at capitalising on the chaos of high-demand events like this one, where the urgency and high volume of online and physical transactions amplify the potential for fraudulent activities. Stores, restaurants, hotels, transport companies, and other local organisations can expect a significant increase in cyber threats, including phishing, ransomware, and business email compromise (BEC), as attackers look to take advantage of any vulnerability during this massive event. With both money and reputation at stake and global attention focused on the event, organisations need to reassess their security efforts. Here are five recommendations on how to improve security posture within such a limited time frame:

“Conduct employee training – Organisations must ensure that everyone is prepared to handle cyber threats, as well as that awareness remains high and best practices are applied throughout the event. This training should include, explaining how to recognise and avoid common threats, establishing the procedures to follow in the event of a suspected cyberattack, and ensuring that employees follow password management best practices, including the use of strong, unique passwords.

“Implement multifactor authentication (MFA) – One of the most effective measures for reducing the risk of successful attacks is to step up from simple passwords to MFA. By requiring multiple forms of authentication, MFA makes it much more difficult for attackers to compromise user accounts.

“Review access rights – Every organisation should have its security specialists review the access rights of all identities in the system and remove excessive privileges, even if it has never been done before. The goal is to strictly enforce the least privilege principle, which means that each user has just enough privileges to perform their tasks. This step is crucial to reducing the attack surface because it minimises the damage that can be done by a malicious employee or an intruder who compromises their account.

“Create or improve an incident response plan (IRP) – An organisation’s IRP provides step-by-step guidance on responding to attacks, breaches, discovery of vulnerabilities, and other security events. However, simply creating an IRP is not sufficient; organisations need to practice their plan before the Games 2024 to make sure everything works properly, and everyone is aware of their responsibilities.

“Ensure the security of the supply chain – An organisation’s supply chain involves multiple parties and interconnected systems, each with varying levels of cybersecurity readiness. Every organisation should keep in mind that every component of their supply chain can become a gateway for cybercriminals and that attacks on their service providers, suppliers, partners, and contractors will also intensify during the Summer Games 2024. Therefore, organisations need to have an in-depth understanding of their external connections and implement all the best practices mentioned above.

“The overarching goal for all organisations involved in the Paris Summer Games 2024 – from the smallest to the largest – is to ensure that everyone is trained to deal with cyber threats and that necessary cybersecurity measures are in place to protect data, identities, and infrastructure.”