From Russian-affiliated hackers taking health information from the World Anti-Doping Agency and doxing several prominent US athletes, to a former Major League Baseball scouting director breaking into an opposing team’s data records, to a NBA basketball team falling victim to a phishing scam, cyber security is becoming an increasing worry for high- profile sports organizations. With leagues, athletes and team franchises i turning to technology — be it social media, virtual reality, big data or mobile apps — for strategy or business growth, hackers are also beginning to see the value of that data.
A professional sports club was faced with a sensitive personnel situation when they sought to terminate the employment of a senior IT staff member. The club’s senior executives and head of security realized that the termination could pose a potentially serious insider risk if the soon-to-be-former employee decided to sabotage the computer network environment or craft an unauthorized backdoor to gain remote access after departure.
We took a three-fold approach. First, we assessed existing vulnerabilities. Second, we provided recommendations to mitigate the threats before the employee’s contract was terminated. Third, we brought in behavioral science specialists to advise the club on best practices for handling the termination notification and the exit interview, and maintaining contact with the individual post-employment to monitor behavior.
The club adopted our recommendations, and the employee transition went smoothly.
- Protected the organization’s valuable player and customer personally identifiable information (PII)
- Provided technical and behavioral insights that eased the client’s task of removing an employee who had access to the club’s most valuable information
- Helped mitigate the club’s overall insider risk