IDENTIFICATION AND PREVENTION OF EXPECTED CYBERSECURITY THREATS DURING 2022 FIFA WORLD CUP IN QATAR
DOI:
https://doi.org/10.47604/jpid.1135Keywords:
Cybersecurity Threats, FIFA World Cup, Risk Management, Mega Sport Events, Security and SafetyAbstract
Purpose: This research aimed to identify cybersecurity threats expected at the upcoming FIFA World Cup in Qatar in 2022 and assess how they can be prevented.
Methodology: This was done by adopting a quantitative research design and survey strategy with 167 respondents from Qatar. The respondents were purposively sampled from the event industry, and a Likert scale was used to quantify the responses for further statistical analysis. The quantitative data collected was analysed using the SPSS version 25 for data analysis. A hypothesis was tested as to whether the perceived expected cybersecurity threats are significantly associated with the perceived quality of measures to tackle these threats. The testing was done using multiple methods, including Principal Component Analysis (PCA) and cross-sectional linear regression analysis. Further analysis was done using One-way ANOVA and correlation analysis, as well as, independent samples t-test. Descriptive statistics, such as percentages and frequencies were used, with tables and charts used in presenting the findings.
Findings: The results revealed high loadings of potential cyberattacks on sponsors, fans, online ticket sales, government and the FIFA website based on the PCA. The regression analysis revealed a statistically significant association between the perception of the cybersecurity risks and perceived quality of measures undertaken to address the cyber threats. The research was limited, however, by not covering technical issues of cybersecurity, including the development of improvements to current security systems, which presents an area for future research with the implementation of machine learning technologies, big data and AI training.
Contribution: The study provided recommendations for policymakers to invest in technologies for the protection of sensitive data, including online databases and hiring competent specialists in the field of cybersecurity. To address the risks for fans, policymakers are recommended to start a campaign aimed at increasing the awareness of cyberattacks on personal and financial information at large events.
Downloads
References
Agah, A.S. & K. Das (2007) Preventing DoS Attacks in Wireless Sensor Networks: A Repeated Game Theory Approach, International Journal of Network Security, 5 (2), 145-153.
Ali, O., Shrestha, A., Chatfield, A., & Murray, P. (2020). Assessing information security risks in the cloud: A case study of Australian local government authorities. Government Information Quarterly, 37 (1), 1-10.
Alpcan, T. & Basar, T. (2004) A game theoretic analysis of intrusion detection in access control systems, Proceedings of the 43rd IEEE Conference on Decision and Control (CDC). IEEE, 2 (2), 1568-1573.
Appenzeller, H. (Ed.). (2005). Risk management in sport: Issues and strategies. Carolina Academic Press.
Arshad, N.H., Mohamed, A. & Mansor, R. (2009) The Effects of Implementing Organizational
Structural and Risk Management Strategies in Information System Projects, Proceedings of the 10th WSEAS Int. Conference on Mathematics and Computers in Business and Economics.
Baskerville, R. (2008) Strategic Information Security Risk Management, in D.W. Straub, S.E. Goodman, and R. Baskerville (Eds.) Information security: policy, processes, and practices, New York: ME, Sharpe.
Boholm, M. (2012). The semantic distinction between "risk" and "danger": a linguistic analysis, Risk Analysis, 32(2), 281-293.
Boholm, M., Möller, N. & Hansson, S. O. (2015). The concepts of risk, safety, and security: applications in everyday language, Risk Analysis, 36 (3), 320-338.
Boyle, P. (2012) Securing the Olympic Games: Exemplifications of Global Governance, in: Lenskyj, H.J. & S. Wagg (eds.), The Palgrave Handbook of Olympic Studies, Basingstoke: Palgrave Macmillan, 394-412.
Brooks, D. J. (2009). What is security: Definition through knowledge categorisation, Security Journal, 23 (3), 229-239.
Brooks, D. J. (2012) Corporate security: Using knowledge construction to define a practicing body of knowledge, Asian Journal of Criminology, 8 (2), 1-13.
Campbell, S. (2005) Determining overall risk, Journal of Risk Research, 8 (2), 569-581.
Chai, S., Kim, M. & Raghav-Rao, H. (2011) Firms' information security investment decisions: Stock market evidence of investors' behaviour, Decision Support Systems, 50 (3), 651-661.
Chen, K., Feist, Z., and Kapelke, C. (2017). The Cybersecurity of Olympic Sports: New Opportunities, New Risks, Betsy Cooper.
Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H., & Stoddart, K. (2016). A review of cybersecurity risk assessment methods for SCADA systems. Computers & Security, 56, 1-27.
Colwill, C. (2009) Human factors in information security: The insider threat and who can you trust these days? Information Security Technical Report, 14(4), 186-196.
Cotrell, R. (2003) The Legacy of Munich 1972: Terrorism, Security and the Olympic Games', in: M. de Moragas, C. Kennett, and N. Puig (eds) The Legacy of the Olympic Games 1984-2000, Lausanne: International Olympic Committee, 170-178.
Crelier, A. (2019) Trend Analysis Cybersecurity at Big Events, Risk and Resilience Team Center for Security Studies (CSS), ETH Zürich, Retrieved from: https://css.ethz.ch/content/dam/ethz/special-interest/gess/cis/center-for-securities-studies/pdfs/Cyber-Reports-2019-11-Cybersecurity-at-Big-Events.pdf.
Dhillon, G. & G. Torkzadeh (2006) Value-focused assessment of information system security in organisations, Information Systems Journal, 16(3), 293-314.
Dion-Schwarz, C., Ryan, N., Thompson, J. A., Silfversten, E. & Paoli, G. P. (2018) Olympic-Caliber Cybersecurity Lessons for Safeguarding the 2020 Games and Other Major Events, RAND Corporation, Retrieved from: https://www.rand.org/content/dam/rand/pubs/research_reports/RR2300/RR2395/RAND_RR2395.pdf.
Dlamini, M. T., Eloff, J.H.P. & Eloff, M. M. (2009) Information security: The moving target, Computers and Security, 28 (4), 189-198.
Figueira, P. T., Bravo, C. L., & López, J. L. R. (2020). Improving information security risk analysis by including threat-occurrence predictive models. Computers & Security, 88, 1-9.
Finkelstein, A. (2016). CyberSecurity at Major Sporting Events, Israel Defense, December. http://www.israeldefense.co.il/en/content/cyber-security-major-sporting-events
George, R. (2008) Critical infrastructure protection, International Journal of Critical Infrastructure Protection, 1(1), 4-5.
Giulianotti, R. & Klauser, F. (2012) Sport mega-events and "˜terrorism': A critical analysis, International Review for the Sociology of Sport, 47 (3), 307-323.
Giulianotti, R. (2011a) Sport, peacemaking and conflict resolution: A contextual analysis and modelling of the sport, development and peace sector, Ethnic and Racial Studies 34(2), 207-228.
Giulianotti, R. (2011b). The sport, development and peace sector: A model of four social policy domains, Journal of Social Policy, 40 (3), 757-776.
Giulianotti, R., & Klauser, F. (2010). Security governance and sports mega-events: Toward an interdisciplinary research agenda. Journal of Sport and Social Issues, 34 (1), 49-61.
Giulianotti, R., & Klauser, F. (2011). Introduction: Security and surveillance at sport mega-events. Urban Studies, 48 (15), 3157-3168.
Golany, B., Kaplan, E.H., Marmur, A. & Rothblum, U. G. (2009) Nature plays with dice terrorists do not allocating resources to counter strategic versus probabilistic risks, European Journal of Operational Research, 192(1), 122-130.
Gordon, L.A., Loeb, M.P. & Tseng, C. Y. (2009) Enterprise risk management and firm performance: A contingency perspective, Journal of Accounting and Public Policy, 28 (4), 301-327.
Goud, N. (2018) No Cyber Attacks on FIFA World Cup 2018, Retrieved from: https://www.cybersecurity-insiders.com/no-cyber-attacks-on-fifa-world-cup-2018/.
Hausken, K. & Levitin, G. (2009) Mini max defence strategy for complex multi-state systems, Reliability Engineering and System Safety, 94 (2), 577-587.
Henderson, J. C. (2014). Hosting the 2022 FIFA World Cup: opportunities and challenges for Qatar. Journal of Sport & Tourism, 19(3-4), 281-298.
Hesse, L. & Smith, C. L. (2001) Core Curriculum in Security Science. Proceedings of the 5th Australian Security Research Symposium, Perth, Western Australia.
Jayawardhana, A. (2016) Ensuring Security Against the Threats of Terrorist Acts in Mega Sport Events, International Journal of Sport Management Recreation and Tourism, 25 (2), 1-8.
Jore, S. H. (2019). The Conceptual and Scientific Demarcation of Security in Contrast to Safety, European Journal of Security Resources, 4 (2), 157-174.
Jore, S.H. & Egeli, A. (2015) Risk management methodology for protecting against malicious acts? Are probabilities adequate means for describing terrorism and other security risks? In: Podofillini, L., Sudret, B., Stojadinovic, B., Zio, E. and Kröger, W. (eds) Safety and Reliability of Complex Engineered Systems, London: CRC Press, 807-815.
Kakkad, V., Shah, H., Patel, R., & Doshi, N. (2019). A Comparative study of applications of Game Theory in Cyber Security and Cloud Computing. Procedia Computer Science, 155, 680-685.
Kantzavelou, I. & Katsikas, S. (2009) Playing Games with Internal Attackers Repeatedly, Proceedings of the 16th IEEE Conference on Systems, Signals and Image.
Kim, J. (2017). Cyber-security in government: reducing the risk. Computer Fraud & Security, 2017 (7), 8-11.
Kooi, B. & Hinduja, S. (2008) Teaching security courses experientially, Journal of Criminal Justice Education, 19 (2), 290-307.
Lee Ludvigsen, J. A. (2018). Sport mega-events and security: the 2018 World Cup as an extraordinarily securitised event. Soccer & Society, 19 (7), 1058-1071.
Li, Q., & Dehler, S. A. (2015). Inverse spatial principal component analysis for geophysical survey data interpolation. Journal of Applied Geophysics, 115, 79-91.
Lilleby, J. & Egeli, A. (2014) Achieving common ground for safety and security risk analyses using Human Reliability Assessment. Bridging the gap between safety and security risk analysis using Human Factors. Stavanger: NEON.
Liu, P. & Zang, W. (2005) Incentive-based modelling and inference of attacker intent, objectives, and strategies, ACM Transactions on Information and System Security, 8(1), 78-118.
McKenna, B. (2018). Measuring cyber-risk. Network Security, 2018 (10), 12-14.
Morris, S. (2012) IFA World Cup 2022: Why the United States Cannot Successfully Challenge FIFA Awarding the Cup to Qatar and How the Qatar Controversy Shows FIFA Needs Large-Scale Changes, California Western International Law Journal, 42(2), 541-575.
Pie-Cambacedes, L. & Chaudet, C. (2010) The SEMA referential framework: avoiding ambiguities in the terms "security" and "safety", International Journal of Critical Infrastructure Protection 3(2), 556-566.
Preuss, H. (2004). The economics of staging the Olympics: A comparison of the games, 1972-2008. Cheltenham, UK: E. Elgar
Randall, A. (2008) 21st-century security and CPTED, Boca Raton, Florida: CRS Press.
Reniers, G. L. & Audenaert, A. (2014) Preparing for major terrorist attacks against chemical clusters: intelligently planning protection measures with domino effects, Process Safety and Environment Protection, 92(6), 583-589.
Reniers, G. L., Cremer, K. & Buytaert, J. (2011) Continuously and simultaneously optimising an organisation's safety and security culture and climate: the improvement diamond for excellence achievement and leadership in safety and security (IDEAL SandS) model, Journal of Clean Production, 19(11), 1239-1249.
Robinson, J. & Landauro, I. (2015) Paris Attacks: Suicide Bomber Was Blocked From Entering Stade de France, Wall Street Journal, Retrieved from: http://www.wsj.com/articles/attacker-tried-to-enter-paris-stadium-but-was-turned-away-1447520571.
Saravanamuthu, K. (2002) Information technology and ideology, Journal of Information Technology, 17 (1), 79-87.
Saunders, M., Lewis, P. & Thornhill, A. (2016) Research Methods for Business Students, Harlow: FT Prentice Hall.
Smith, C. L. & Brooks, D. J. (2013) Security Science: The Theory and Practice of Security, Waltham, MA: Butterworth-Heinemann.
Sofotasiou, P., Hughes, B. R., & Calautit, J. K. (2015). Qatar 2022: Facing the FIFA World Cup climatic and legacy challenges. Sustainable cities and society, 14, 16-30.
Spaaij, R. & Hamm, M. S. (2016) Endgame? Sports Events as Symbolic Targets in Lone Wolf terrorism, Studies in Conflict and Terrorism, 38 (12), 1022-1037.
Spaaij, R. (2016) Terrorism and Security at the Olympics: Empirical Trends and Evolving Research Agendas, The International Journal of the History of Sport, 33 (4), 451-468.
Spikin, I. C. (2013) Risk management theory: the integrated perspective and its application in the public sector, State, Government and Governmental Management, 21 (3), 89-126.
Stahl, B.C. (2007) Privacy and security as ideology. Technology and Society Magazine, IEEE, 26(1), 35-45.
Taylor, T. & Toohey, K. (2006) Impacts of terrorism-related safety and security measures at a major sport event, Event Management, 9(04), 199-209.
TrendMicro (2018) Sporting Event Threats: Lessons from the 2018 FIFA World Cup, Retrieved from: https://www.trendmicro.com/vinfo/se/security/news/cybercrime-and-digital-threats/sporting-event-threats-lessons-from-the-2018-fifa-world-cup.
Whelan, C. (2014). Surveillance, security and sporting mega-events: toward a research agenda for the organisation of secured networks. Surveillance & Society, 11 (4), 392-404.
Whitman, M.E. & H. Mattord (2005) Principles of Information Security, Boston: Course Technology.
Wiktorowicz, Q. (2014) Shedding Light on the Threat of Terrorism at Qatar's 2022 World Cup, Retrieved from: https://www.huffingtonpost.co.uk/quintan-wiktorowicz/qatar-world-cup-terrorism_b_5522455.html?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAAIAXHe2zJwq4cYYzlgiEy1ToC5IFJ7IsJzIK7Ya2QuSQrdlv7GmSx_6AOO5rbwwGMIdWoG4K7gMAHJ_epLuzcbhob8vp3JyNpwUGEs5hme2fRHoj0ZO3KRM3-KXC035tn3zd7KDaMRBFaPPX_d276pgpEtoqpuxjLSk2AaiChWSt.
Willis, H. H. (2007) Guiding resource allocations based on terrorism risk, Risk Analysis, 27 (2), 597-606.
Workman, M. (2007) Gaining access to social engineering: An empirical study of the threat, Information Systems Security. Journal, 16 (2), 315-331.
Youd, K. (2014) The Winter's Tale of Corruption: The 2022 FIFA World Cup in Qatar, the Impending Shift to Winter, and Potential Legal Actions against FIFA, Northwestern Journal of International Law and Business, 35(1), 167-175.
Yu, Y., Klauser, F. & Chan, G. (2009) Governing Security at the 2008 Beijing Olympics, The International Journal of the History of Sport, 26 (3), 390-403.
Downloads
Published
How to Cite
Issue
Section
License
Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution (CC-BY) 4.0 License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.