June 3, 2020

More devices connected to the network, increased wireless access, and a steep increase in the volume of content and data can leave room for temptation from outside attackers. Security, however, is not just about hacks and stolen data, it's important to fix internal flaws and embed best security practice to avoid accidental errors and protect yourself from both insider and outsider threats.

With so much going on, knowing where to start and what you should secure can be confusing.

AVIXA™ spoke to a panel of experts about the need for secure systems when planning and executing a live event and how to mitigate the risk.

John Pescatore, Director, Emerging Security Trends, SANS Institute, USA, stated, “We have seen attacks where video is actually carrying the malware, so if they are read by something vulnerable then often that can kick off malware. That’s a new video and audio centric attack.”

“There are new video and audio centric attacks, but the starting point is basic security hygiene.”
John Pescatore
Director, Emerging Security Trends, SANS Institute, USA
John Pescatore

Pescatore recommends that the starting point is really basic security hygiene, i.e., the ‘wash your hands and don't touch your face’ of the computer world, “Make sure users are aware of what could go wrong security-wise and how to notice things. It is not just PCs and servers – video cameras and badge rating systems are examples of operational technology that have vulnerabilities and need to be patched up quickly as the bad guys will exploit those missing patches.”

Bart van Moorsel, European Solutions Design Specialist, Tech Data, Amsterdam, stressed the importance of starting with the basics in IT – applying patches and fixes. “Change the default password to a secure password. Switch off what you don't need, because that leaves open holes that could be exploited and switch on what improves your security. So, in live events that could mean encrypting your communications, making sure that the access control to the live event is properly configured.”

Pescatore added, “Event technical staff are really good at dealing with unexpected event emergencies. Quite often that introduces a security hole that could be there when the next event is held, so it's important that the IT staff at these events understand the basics of security and have some well documented processes.”

Watch the full roundtable discussion on Best Practice Security Measures for AV in Live Events.

Best Practice for Security Measures for AV in Live Events Screenshot | AVIXA