Over the past two weeks we saw the latest example of competitor hacking and the consequences. This time in Major League Baseball. The question is should we be surprised by this? Professional sports are wildly competitive and the money is lucrative with many professional franchises valued at over $1 billion (see Forbes Magazine). With that much money at stake it should only be a wonder that this hasn’t come to light sooner or that others haven’t done this already.
We have written about his in the past, but in business, the goal crosses several spectrums. You want to develop something that will fill a need; produce a good product; make money; and do it better than anyone else. All of these things lead to creating a competitive advantage over your competitors. For sports teams it’s winning championships and selling merchandise. You sell more when you win more. And you win more when you draft the right people and you recruit the right free agents. You draft the right people by analyzing as much data as possible and by getting assessments from scouts and coaches. And this data is exactly what the Cardinals executive wanted. He knew the Astros from being previously employed by them. He understood the value of their information and he still had access to it. So he took it. And he got caught.
To the Astros, this should have been an identifiable threat. When the executive left for a competitor, they should have taken every effort to change security protocols and passwords. In the same way you change your safe combination when a former employee leaves (please tell me you do this), you should change your passwords and remove people from your access control roster.
And this doesn’t just happen in the crazy world of professional sports. We talked about this in January.
“As reported by SC Magazine, a business company in New Hampshire pleaded guilty to hacking into a small business competitor and stealing over 1,000 invoices over the course of eight months…..Small businesses are targets; you have information others want, even if you don’t think it’s important. In this particular case, a linen company’s invoices were stolen. Their critical information IS customer data. This information could be used in a lot of ways, but in this case, the company develop targeted sales pitches to those clients and take business away.”
So it can and does happen to every company. The key is recognizing you have threats and taking active steps to mitigate those threats. Gather your team, start listing them out, and start addressing your potential vulnerabilities. Today might be as good of a day as any.