Cybersecurity is an ever-present challenge for businesses of all shapes and sizes. A significant event can bring a company to a standstill. A multi-layered approach works best, combining technologies like firewalls and encryption, processes such as risk assessment and incident response, and employee training.
Yet remaining vigilant against evolving threats can be difficult, especially for firms not supported by large IT departments. To aid firms in this predicament, Josh Stuts, Senior Manager of Security at Drata, has provided Digital Journal with some pointers on how cybersecurity professionals can stay vigilant when working on major events.
Digital Journal: How might cybersecurity professionals make efforts to secure the enterprise’s infrastructure when a large event is coming into town (and the enterprise is taking part in standing up some kind of digital offer or landing page for consumers)?
Josh Stuts: When organizations rush to launch new infrastructure for a major event (e.g., World Cup, Super Bowl, etc.), security can quickly slip down the priority list. The key is to build in guardrails that allow speed and safety to coexist. That means enabling automated controls, maintaining continuous monitoring, and ensuring that security checks are embedded into the deployment process, not bolted on afterward. By treating security as a built-in requirement rather than an afterthought, enterprises can scale rapidly while still protecting sensitive data and ensuring customer trust.
DJ: Can cyber threats against an enterprise be increased around a big event? What specifically are we seeing from bad actors in these events?
Stuts: High-profile events are magnets for cyber threats because attackers know companies are operating under pressure. We often see spikes in phishing campaigns themed around a big event, attempts to exploit hastily-built digital assets, and increased scanning for unpatched vulnerabilities.
That risk is amplified by the fact that 93% of organizations still rely on manual GRC processes requiring an average of 14 hours per week, creating blind spots that attackers can exploit when teams are stretched thin. The combination of heightened visibility and compressed timelines creates an ideal environment for attackers, so enterprises need to anticipate this surge and have both preventive and detective controls ready.
DJ: Can bad actors hang around once the event is over and try to access a company’s systems after the fact, but use the event as a way to get into its systems?
Stuts: Certainly. Attackers often use the chaos of the event as their entry point but may linger quietly afterward, waiting for the spotlight to fade. If monitoring and response capabilities aren’t continuous, organizations may miss that a foothold has been established.
That’s why post-event reviews, ongoing compliance checks, and continuous visibility into system activity are just as critical as pre-event preparations. Security isn’t just about surviving the event; it’s about ensuring resilience long after headlines move on.
