As the NFL takes its Draft Day operations online this Thursday, April 23, 2020, due to the coronavirus, many head coaches and cybersecurity experts say teams are vulnerable to online mischief-makers, according to a Reuters report. 

The league declined to disclose its security measures, but told Reuters they are “comprehensive and thoughtful,” and that they have provided best practices and are planning to run a system test with all 32 teams. Individual clubs have been running their own mock drafts to prepare, and the NFL will have also carried out a one-round draft simulation with clubs selecting former players before the virtual draft, adds Reuters. 

John Harbaugh, Ravens head coach, says Reuters, was one of the first coaches to express concern over cybersecurity risks during the draft. “They assure me we are doing everything humanly possible, and I remind that that’s what Wells Fargo and all those other places said about our private information, so I have some real concerns,” said Harbaugh. “I really wouldn’t want the opposing coaches to have our playbook or our draft meetings. That would be preferable.”

Terence Jackson, Chief Information Security Officer at Thycotic, a Washington D.C. based provider of privileged access management (PAM) solutions, notes that, “The current Coronavirus pandemic has uncovered gaps in many infrastructures and highlights the importance of good cyber hygiene during normal business operations. Cybersecurity is often seen as a cost center, but during these uncertain times, as digital transformation fast-tracks, it should be seen as a way to protect and generate revenue. As eyes are focused on the NFL draft this Thursday, it looks like contingencies are in place and there has been a dry run. No solution is 100 percent secure, and that is why we take defense in depth approaches to minimalize the failure of any one system. It’s up to IT and security professionals to make sure the event isn’t blemished by a cyberattack.”

Hank Schless, Senior Product Marketing Manager at Lookout, a San Francisco, Calif.-based provider of mobile phishing solutions, says, “NFL draft picks aren’t what we usually associate with valuable corporate data, but they could be highly valuable to a malicious actor on Draft Day. Having this information pilfered and shared out to the world ahead of that team’s draft pick could alter the direction of their organization."

"As NFL team personnel work together on Draft Day this Thursday, they will be sharing data between multiple devices; demonstrating how employees access data fluidly between traditional endpoints and mobile devices with the adoption of cloud-based technologies," Schless adds. "Ensuring that mobile devices are secured, both now and in the future, is just as detrimental to the future of every NFL team as any other business.”