Everton Football Club has signed Netskope to defend it cloud data and improve its GDPR stance. With one of its most famous players, Wayne Rooney, now back at the club, it hopes to finish this season challenging for silverware and qualify for the Champions League. Football is big business and the data the club holds is important for hackers and other people such as the press.
Phil Davies, ICT manager at Everton FC said: “Data security is a key priority for the club. Information on players and their contracts is a vital asset for us and fans also entrust us with their data, including personally identifiable information. We take this responsibility seriously so we’re keen to provide employees with the right tools to boost productivity without compromising on security.”
What is Everton protecting?
Data held by football clubs is prized by a lot of people. Hackers want access to medical, contract and personal data that can be ransomed back to players or sold. There are a lot of buyers for the data from the media to gambling syndicates. Hackers can also use the data in attacks against the club and its fans.
Football clubs are also getting closer to their fans with new fan engagement solutions. These solutions offer fans exclusive content on players as well as match day and stadium information. Their real value, however, is in the greater engagement for commercial purposes between the fans and the club.
Fan data includes personal and financial information such as names, addresses, date of birth and payment card details. Everton FC are keen to show their fans that they are taking the security of their data seriously. GDPR comes into force next year which also means the club has to protect itself. It has a global turnover of more than £120 million and any GDPR breach would be financial devastating to the club.
What are Netskope delivering?
Everton FC asked Netskope and the clubs cloud partner EveryCloud to undertake a Cloud Risk Assessment (CRA). Like any business, it has little control over the personal technology used by players and staff. The CRA showed what cloud-based apps and services were in use. The tests also showed how a Cloud Access Security Broker (CASB) could help reduce risk.
The tests were carried out using the Netskope Active Platform. As well as identifying all apps and services, it also showed how data was being used and where it was being stored. The Netskope platform also provides context-aware governance of cloud usage in real-time. This allows security teams to separate threats from acceptable usage and identify security breaches.
What does this mean?
Sports clubs might not have the intellectual property of large enterprises but they do have much more personal data on their employees. The medical records of players contain highly sensitive data that is of interest to hackers, media and gambling syndicates. The names and addresses of the players, along with who is picked for matches, allows criminals to break into players homes.
In addition the increased fan interaction that clubs undertake means they have a lot of personal information. This data leaves fans open to data theft, payment card fraud, phishing attacks and other cyber-attacks.
Everton FC is not the only major sports club to beef up its cyber security recently. Yesterday, IBM announced it is to provide cyber security protection for the Atlanta Falcons as part of the fan engagement system it is deploying. With GDPR getting closer, high profile sports clubs are all likely to be investing in new systems. This is good news for fans and the cyber security industry.