Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityCybersecurity News

5 Cybersecurity Lessons Learned from the Super Bowl

By Reg Harnish
football-enews
February 2, 2017

The NFL’s biggest game – and one of the largest sporting events on the planet – is just days away, offering millions the chance to be entertained for a few hours. Fans will be glued to their television sets to experience the drama, the competition and the showmanship. Will they be thinking about cyber threats? Probably not. But, surprisingly, business owners can learn some valuable lessons about cybersecurity from the Super Bowl.

The NFL is a business. And like many businesses, it works with a massive ecosystem of outside companies to deliver its product to the people.  Thousands of third-party vendors – from the rented stadium, ticket sellers and HVAC-system providers, to the retailers and halftime show techs – are required to produce the show. Unprotected third-party vendors provide a path of least resistance for cybercriminals to sneak through the digital back door, potentially compromising safety, leaving data unprotected and creating havoc for organizations.

While 71 percent of companies feel confident their security activities are effective, only 32 percent require third parties to comply with their policies, according to the most recent PwC Global State of Information Security Survey. Furthermore, the study found that third-party security incidents are on the rise. In the past two years alone, the number of companies attacked rose from 20 to 28 percent.

Having a plan to deal with vendors is important, but it’s just one of the lessons to be learned from the Super Bowl. Here are five takeaways about cybersecurity every business owner can score from the big game:

 

1.Offense is easier than defense: Defense has an impossible job on the field. It can’t possibly prepare for every play the offense runs. As the old adage says, “The best defense is a good offense.” Business owners that arm their companies with a strategic offense will be less vulnerable to cyber attacks than those who are constantly trying to play defense against a multitude of threats. Remember: the bad guys only have to be right once to take down their targets.

2.It’s a people game: Technology takes center stage in the big game. Massive video walls, anti-concussion helmets and interactive capabilities allowing fans to order a hot dog from their seats are all part of the experience. But the reality is, the game is won or lost by people. Companies that become distracted by cyber defense technologies may erroneously believe they are safe from an attack. As long as the human element is involved, risk exists.

3. Winning takes continuous effort: Like football, cybersecurity requires work. While the Super Bowl is the punctuation mark on the season, both teams traveled a long, tough road to reach the championship. It’s not a one-and-done situation. In business, it’s tempting to believe that purchasing a firewall on any given Sunday and throwing it in a rack provides adequate protection.  The fact is, cybersecurity and the management of cyber risks is never done.

4. Protect your assets: In a football game, there are only two things worth protecting: the quarterback and the football. The team that does the best job safeguarding these two assets wins. Likewise, in the business world, companies must identify their “quarterbacks and footballs.” Bank accounts, credit cards, identities, intellectual property and reputation are the five critical assets that need protection, and should be where all the energy is focused.

5. Teamwork: Businesses typically focus on their core competencies and outsource functions like payroll, banking, logistics and other specialized skills. As mentioned earlier, these third-party relationships can unwittingly pose a cyber threat by leaving the digital backdoor wide open.  Organizations working with third-party vendors should clearly spell out their position on cybersecurity in all contracts and require regular audits for compliance.

Unfortunately, cyber attacks are not a matter of “if," but “when.” Like football players, all companies will eventually get hit. The key to survival is being able to mitigate the damage and recover. Software alone, like helmets and padding for players, is not enough to protect organizations from injury. Players and companies must play smart by using proper mechanics and ensuring the entire team is on the same page.

 

This article was originally published in our monthly newsletter, Today's Cybersecurity Leader. You can subscribe here. 

KEYWORDS: cyber attack cyber security education data breach Super Bowl Security third-party security

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Reg Harnish is CEO of GreyCastle Security, a cybersecurity consulting firm dedicated to the practical management of cybersecurity risks.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Coding on screen

Research reveals mass scanning and exploitation campaigns

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • lessons-ideas-freepik1170x658.jpg

    3 security lessons we haven’t learned from the Kaseya breach

    See More
  • overhead football stadium

    Event cybersecurity at the Super Bowl

    See More
  • VanMoof-Bike.jpg

    Cybersecurity lessons learned from a bike manufacturer

    See More

Related Products

See More Products
  • databasehacker

    The Database Hacker's Handboo

  • 9780367030407.jpg

    National Security, Personal Privacy and the Law

See More Products

Events

View AllSubmit An Event
  • September 3, 2024

    From DDoS Protection to WAAP: How Layered Protection Enhances Your Cybersecurity Strategy

    ON DEMAND: By participating in the webinar, attendees will gain enhanced knowledge of cyber threats and understand the current spectrum of cyber threats facing businesses.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing