1. EDUCATE YOURSELF.Bobrow says 16 years after 9/11, and 11 years since Hurricane Katrina, more than 50 percent of the planners she works with still don’t have an emergency plan. “It’s not sexy,” she says of security. That makes cybersecurity education sessions, in particular, a tough sell to attendees. But Bobrow and Owen say they’re worth it, not only to learn how vulnerable you are, but also how to protect attendees at your events.
2. SET PRIORITIES.Because you can’t (and shouldn’t plan) for every possible danger, Bobrow suggests planning contingencies for scenarios most likely to occur. For instance, you probably don’t have to worry about a hurricane in California, but earthquakes, fires and floods are a real concern. Owen notes this philosophy extends to data. What information might hackers be most interested in? The most likely answer is personal information like social security numbers. If you need to have a list with coveted information, place it on a device you won’t plug into a public outlet or connect a USB cable to.
3. REMEMBER YOUR PHONE IS A COMPUTER TOO.Most people know their laptops and desktops (even Macs, despite popular belief!) are vulnerable to hackers. But smartphones are as susceptible to breaches. Just as Ransomware can be used to steal data off a phone, antivirus software can be installed on all devices to protect against it. Bobrow says she doesn’t do online banking on her phone to be extra cautious. Owen adds SMShing, a fraudulent kind of texting, is among the newest threats.
4. BE SMART ABOUT EMAIL AND PASSWORDS.How sophisticated have email attacks become? In CEO fraud, the latest spear phishing threat is emails appearing to originate from company executives are sent to chief financial officers. Bobrow says such emails often refer to the status of a wire transfer. Remarkably, the tactic has proven effective. It may sound obvious, but Bobrow also emphasizes not downloading attachments from someone you don’t know. PDFs and zip files are among the most suspicious. Another commonsense defense: Don’t repeat passwords on different accounts. “You might as well leave your door unlocked,” she says.
5. KEEP IT REAL.
Bobrow recalls attending a conference where a speaker from a security company mirrored the event’s registration website. Within 30 minutes, the speaker had five people try to sign up on the wrong page. Owen suggests sending a screenshot to attendees with what the real site looks like to prevent them from be fooled by fake pages.