In an Installation exclusive, AVIXA communications manager Krystle Murphy and content producer Jaisica Lapsiwala explore the world of network security in live events and share their thoughts on what the landscape will look like beyond the COVID-19 pandemic…
As the volume of AV devices grows and the complexity of computer capabilities also increases, we have seen the security risk increase in live events. With many more devices than ever before, more devices connected to the network, increased wireless access, a plethora of multimedia content and data, there is a lot of temptation from outside hackers. However, security is not just about hacks and stolen data, we also need to fix internal flaws and embed security best practices to avoid accidental errors. Let’s examine the threats and how to prevent them, from the experts at AVCoIP, PSAV, SANS Institute, and Tech Data.
John Pescatore, director, emerging security trends, SANS Institute, which specialises in information security and cybersecurity, says there are common patterns when a new technology is introduced. The first thing hackers will do is disrupt things – denial of service or cause things to crash.
“If you think about a live event, all of a sudden, the entire network went down and disconnected all the screens and the booths and the systems and so on; that’s usually the low-hanging fruit,” says Pescatore. “What normally happens with a new technology or a new way of doing business, first we get the business going and then we think about security. Then later on, the cyber criminals get interested. What can they do to make money from these vulnerabilities?”
A cybercriminal’s thought process? Get on a network and view credit card transactions or personal information that can be used for identity theft or new account fraud, shares Pescatore. The cleverer and more determined attackers think about where else they can get to.
For instance, from a hotel network for an event, they then get into the systems of a vendor who is connected back to their home office, and then they think ‘what can I do from there?’
Events in a Post-COVID-19 World
The future of live events will unarguably be different in a post-COVID-19 world – from smaller gatherings, more space, to health checks. While countless in-person events have been cancelled in 2020, some organisations took theirs virtual. Many people expect the virtual element will have staying power – and marry with the in-person event.
“Security is going to be important and we’re going to see a huge amount of hybrid events where smaller groups of people will meet more locally, but potentially small groups connected across the world,” said Matt Harvey, vice president of specialty services for PSAV. “That produces a lot of different logistical challenges in terms of how you manage an event like that and places much more reliance on the network and the internet, particularly in terms of how you move content on video around efficiently and there is a security aspect there.”
Paul Zielie, CTS-D, CTS-I, IT and AV systems engineer, AVCoIP, agrees with Harvey. “The hybrid event is going to be increasingly important and that also includes potential remote speakers.” Now you have a lot of content going in and out of the venue, adding a new layer of security risks”, he shared.
Another thing to be aware of in a hybrid world, according to Harvey, is backup equipment and bandwidth, which a lot of venues don’t have right now. Their networks are built for guest Wi-Fi access and not for production use.
It’s important for event planners to understand what the capabilities of the network are from a production perspective, particularly around backups and redundancy, he says.
It’s easy to get overwhelmed by the seemingly limitless ways security can be breached. So, what’s the solution?
“The first and last most important thing in security is people. People are very important to close the gaps and make your chain as strong as possible,” says Bart van Moorsel, European solutions design specialist, Tech Data. “People working within your organisation need to understand the typical risks of using equipment, they need to understand how to behave and what kind of responsible behavior we expect from them.”
“Make sure users are aware of what could go wrong security wise and how to notice things,” said Pescatore. “It is not just PCs and servers – video cameras and badge systems are examples of operational technology that have vulnerabilities and need to be patched up quickly as the bad guys will exploit those missing patches.”
Van Moorsel stresses the importance of starting with the basics in IT. “Change the default password to a secure password. Switch off what you don’t need, because that leaves open holes that could be exploited. Switch on what improves your security,” he says. “In live events that could mean encrypting your communications, making sure that the access control to the live event is properly configured.”
“Currently, AV manufacturers don’t really understand IT to the degree that we need them to, and IT network operators don’t understand live event production very well at all. So, trying to improve the collaboration understanding of those two worlds is going to be huge,” said Harvey.
The message from Zielie is clear and simple for how to be proactive about security: “Think about it before you have a problem.”
In 2018, AVIXA published Recommended Practices for Security in Networked AV Systems, which provides essential steps to form an effective AV security programme. It outlines how to identify vulnerabilities and potential threats created by the network integration of AV systems; assess risk, develop a plan to mitigate, and respond to identified (and unidentified) risks; and deploy controls to continuously address and manage security risks in AV systems.
“We have a responsibility to the customers’ networks we’re on to make sure our AV systems are not enabling intrusions; that we’ve done everything we can to understand what’s at stake and take steps to mitigate the risk for the entire enterprise,” said Ann Brigida, CTS, CStd, AVIXA’s senior director of standards.