Contact Us

Security Madness

March Madness - Cybersecurity

How to Protect Your Organization During The NCAA Tournament and Beyond


According to the American Gaming Association, 47 million American’s will bet nearly $8.5 billion on the NCAA tournament, so it’s no wonder that every year there is a steep increase in cyber-activity around the event. IT teams must be on high alert to deal with the madness--from the phishing scams to the unassuming malware infected sites employees visit to catch part of the action—the employees' involvement in March Madness can easily open up an organization’s door to a cyberattack. With the threat looming, organizations spend months preparing for this time of year, and we compiled some of the best advice for protecting your organization during the NCAA Tournament and beyond.

  • Remind your employees about phishing attacks. Even if phishing attack education is part of your organization’s security training program, some of the offers made in these emails, especially during March Madness, can be very tantalizing and bring an employee’s guard down.

"Cybercriminals are well aware of the popularity of March Madness and are already preparing spear phishing emails to millions of college basketball fans, as well as non-basketball fans who are merely participating in the ever-popular office pools." 

Dan Lohrmann, CSO, Security Mentor 

    • Set up a few flat screen televisions for the event. Millions of employees stealthily watch the game from their laptops/computers/phones where malware can be camouflaged as streaming videos and network bandwidth is depleted; therefore, companies might want to set up a few flat screen televisions streaming the legitimate video feed, so employees can walk by and get the latest updates, satisfying their bracket interest, without putting their organization at risk and utilizing excessive bandwidth.

A Nielsen cross-platform study says in 2018 over 175 million fans engaged with the tournament across all networks and platforms.

      • Ensure that your security patches are up to date so you do not become an easy target of a cyberattack. This is an important one and one that slips through the cracks if automated enterprise patch management is not implemented. Automating routine tasks is key to protecting an organization from cybersecurity threats during an event like March Madness and day-to-day threats.

In 2017 Aberdeen found, if not automated, that in a $100 million company with 100 database instances, vendor patching over the course of one year is likely to be complex (with 440 patches required) and time-consuming (910 hours of disruption).

Aberdeen Group

      • Make sure that you are continually assessing the security posture of all managed cloud services and workloads by getting scored guidance to facilitate a prioritized response plan, so you can make informative and timely decisions when protecting your organization against cyber threats.

60% of organizations believe lack of visibility across all IT asset types constitutes a challenge to their cybersecurity posture.

Ponemon Institute

Although the last one might be a little tough, since the tournament is just underway, it’s one that should be considered as you evaluate your overall security posture for 2019 and beyond. At Cavirin, we do not believe that your cybersecurity posture should be driven by one event, or your IT team will be exhausted come tax season next month.



© 2019 Cavirin Systems, Inc. All rights reserved.