cybersecurity mobile devices

Entertainment Cybersecurity Series: Remote Work

Share this post:

Part One: Remote Work Entertainment Cybersecurity Issues

Cybercrime has cost the world over 6 trillion dollars (World Metrics). But research shows more than 50% of musicians have no cybersecurity defense plan linked to their performances and performance planning. The music industry depends heavily on various forms of technology, and as this dependence grows, so does the entertainment cybersecurity threat. Thus, musicians and live music related businesses need to have clear defense plans in place. As security solutions Upguard company states, the five important cybersecurity threats facing the live music industry are:

  1. Practices related to remote work
  2. Data breach and leaked content
  3. Ransomware
  4. Third party risk and
  5. Spyware

Why is entertainment cybersecurity such an important topic? Just take a look at a sample of the music industry cybersecurity statistics compiled by Worldmetrics in their 2024 report.

  • According to research, over 50% of musicians do not use any form of cyber defense.
  • Over 94% of popular Android applications used in the music industry have vulnerabilities to known security exploits.
  • Around 40% of music platforms have experienced DDoS attacks, causing loss of revenue and trust.
  • 35% of professionals in the music industry have been a victim of ransomware attacks, according to a study by IBM.
  • Nearly 60% of artists and their teams have been targeted by spear-phishing attacks since 2018.
  • A Kaspersky Lab survey found that 47% of the music industry had suffered data loss or leakage due to an online attack.
  • It is estimated that 21% of files in the music industry are exposed to potential threats, putting invaluable intellectual property at risk.

TSE Entertainment has published a number of articles on safety and risks facing live entertainment events, including 6 Serious Risks of Live Entertainment Events, one of which is cybersecurity.

In the coming months, TSE Entertainment will publish an entertainment cybersecurity series that addresses each of these five issues in detail and will help live entertainment businesses improve their cybersecurity from these five fronts. This week’s topic is remote work cybersecurity issues in the live music industry. You will learn why we don’t mix personal and professional devices, protect our passwords, double check the links we click on, avoid working in public places, and invest in cyber insurance.

Working from Home or From The Road

remote work

Due to the prevalence of Slack and Zoom, most music industry executives, artists, and professionals often work from home or from the road as they tour. Upwork claims that by next year a quarter of America will be working entirely remotely. Music industry executives have developed detailed remote collaboration plans, and now work with artists, staff, and vendors either partially or fully remotely. Music industry CSO Christine Osazuwa often writes open letters publicly describing the benefits of the industry shifting to remote working environments.

It seems clear that this shift is likely to continue as we progress into the century. After the Covid pandemic, many companies learned that their employees can be just as effective working from home. And so, numerous companies, including those in the live entertainment industry, have made the choice to switch to allow remote working permanently. Even companies who have not allowed fully remote working have allowed a partially remote option for many of their employees, allowing for flexibility that parallels their personal lives. In the talent booking, concert production, and live entertainment industries, we see many people efficiently and conveniently work remotely as opposed to from one specific business location.

Remote Work: It Isn’t All Rainbows and Sunshine

However, all good things come with a catch. Live entertainment venues, artists, agencies, and their affiliates should be careful to consider the effect the remote working shift has had on their cybersecurity vulnerabilities. Hacking specialists caution that entertainment cybersecurity threats will become more incessant as more employees work remotely. We have seen cyberattacks skyrocket in the post-pandemic world, and these attacks will continue to happen at a high rate while employees are working remotely.

In this article, we will delve into how remote work has heightened cybersecurity vulnerabilities and explore the various ways in which organizations within the live entertainment industry can protect themselves and their sensitive data in this evolving landscape. As the shift towards remote work continues to accelerate, so do the cybersecurity risks that come along with it. Remote work environments introduce many vulnerabilities that can be exploited by cybercriminals, putting live entertainment organizations at risk.

We’re Often Lazier With Cybersecurity When Working Remotely

remote work cybersecurityAlmost 40% of industry IT managers claim that their business has faced cybersecurity issues due to or related to mobile device use. Mobile technology use in the music industry comes with a high risk, and this cannot be ignored. As the post-Covid world has resulted in a permanent remote working wave, habits have changed. People often mix their work and personal devices, even worse, their work and personal accounts. The layers of security on a company device are significantly stronger than a simpler personal smartphone. Corporate grade laptops usually come with encryption, and protections that are not likely to be found on a personal device.

According to a study by Tessian, a British-American security company, about two of every five employees questioned said that their cybersecurity practices at home were lazier than those used in their business location. Additionally, half of these individuals felt their change in behavior was a consequence of feeling less examined by their IT divisions after the Coronavirus pandemic.

personal printerSome may find it shocking that even personal printers can be a threat. Home printers have vulnerabilities that hackers have historically taken advantage of, and so even using a personal printer is unwise if it has important or confidential information being sent to it. Live entertainment employees, artists, managers, agents, and affiliates must be cautious of these issues.

Don’t Mix Professional and Personal Devices and Accounts

Many music industry professionals inadvertently store company information or communications on their personal accounts and devices. Company data should never be accessed or stored on a personal account. Personal accounts are less likely to authenticate the user, and without multiple factors authenticating the user, company data can fall into the wrong hands. Any devices used for remote work, especially in the live entertainment industry, must be completely separated from personal devices. The investment is more than worth reducing the risk of losing confidential information.

 Protect Your Passwords

More than 50% of phishing attacks in the music industry are a way for cyber criminals to steal credentials such as passwords. Music industry professionals run the risk of giving access to individuals who can steal information not yet available to the public, unreleased music, and even sensitive financial data. Thus, the accounts where information is sent and stored must use multi factor authentication. That can be as simple as connecting your login page to an app such as Duo. Strong passwords for all accounts must be a company mandate as well. 12 character passwords should be a requirement, at least one special character should be required, and passwords should be switched out every few months.

It is also essential to abstain from writing passwords down anywhere. No notebook, sticky note, or even notes app, should have any passwords written down. Staff training must also include refraining from leaving any work-related devices unattended. Finally, remember to learn from mistakes. We are now part of a remote working sphere that will likely never change. If a vulnerability or issue has occurred before, take the steps to ensure it does not happen again.

Remind your employees that habits and rules keeping your information secure apply at home or on the road as well. The lock on your door might protect your valuables but does nothing to protect their work data.

Fake Links: All This Over One Link?

video callRemote working has also come with an increase in social engineering and phishing. There are more activities and communications occurring online, more information is being sent from vendor to vendor, and meetings are happening over Zoom instead of at an office or studio. The music industry comes with many loyal fans, but malicious individuals who are looking to steal information before it is released, stalkers who are trying to find their favorite artist’s next move, and hackers looking to sell confidential information are also finding it easier to accomplish their goals in a remote working environment. For example, a few years ago In November 2020, a company in Sydney imploded after a senior chief tapped on a fake Zoom link. The organization lost $8.7m to the hack and had to close.

What is Real and What Isn’t

About 94% of Android applications commonly used by the music industry have vulnerabilities that malicious individuals can exploit. Even worse, many industry professionals face fake apps and links that are used to steal data and information. Fake links can allow hackers to access systems with ease, and confidential information that is not protected carefully does not stay confidential for long. Furthermore, one of the key tactics used in social engineering attacks is to capitalize on the isolation felt by remote workers. By creating a sense of urgency or leveraging emotional triggers, attackers aim to manipulate individuals into making hasty decisions or sharing confidential data.

The lack of immediate access to IT support or colleagues for verification can further exacerbate the success rate of these attacks. Another common strategy employed by cybercriminals is the creation of fake VPNs or malicious websites that mimic legitimate remote work tools. When remote workers unknowingly connect to these platforms, their sensitive data becomes compromised, paving the way for potential data breaches or unauthorized access to corporate networks. The challenge lies in distinguishing between authentic and fake online resources, especially when employees are depending on virtual tools for their day-to-day work.

Avoiding Exploitation

Overall, the prevalence of social engineering and phishing attacks suggests the need for enhanced cybersecurity awareness and vigilance among music executives, professionals, and artists who work remotely. As a solution, we suggest prioritizing cybersecurity measures and educating professionals on best practices. If employees are trained in how to secure their devices and data while working remotely, vulnerabilities are less likely to be exploited. By staying informed, adopting practices for identifying and reporting suspicious activities to IT, and using secure communication channels, live entertainment organizations can counter the risks associated with these cyber threats in the remote work environment.

Is Working from Starbucks Alright?

entertainment cybersecurity

Remote working does not just include working from home. Remote working means one may work remotely from anywhere at all. As these locations have varying cybersecurity and varying threats, the vulnerabilities can become exponential. People at your cafe may not have the best of intentions, especially if they see information on your screen about a music event or celebrity. Additionally, the reliance on unsecured public Wi-Fi networks poses a significant risk to remote workers. Public Wi-Fi networks, such as those in coffee shops, airports, and hotels, are notorious for their lack of security measures. Hackers can easily intercept data transmitted over these networks, potentially gaining access to sensitive information like login credentials, financial data, and proprietary company information.

In addition to these issues, the lack of physical security measures in remote work settings leaves devices and data vulnerable to theft or unauthorized access. Without the physical protections offered by a secure office environment, remote workers must take extra precautions to safeguard their devices and sensitive information from physical threats. You might need a key fob to enter your office, but no one needs a key fob to enter the Starbucks where you are sending your emails from. Step away from your laptop, and you might lose important information to someone else sitting right behind you.

So…Where do I Work From?

protect yourself from cyber insurance

Thus, it is best to eliminate working in public places entirely. However, if necessary, it can be done using the following steps. A privacy screen is essential on all work devices, including laptops and phones used in public places. These screens blur information from angles and distances where people around you might otherwise be able to see your screen. Furthermore, using a VPN or mobile hotspot is always superior to public wifi. There is absolutely no reason to use a public connection outside of emergencies.

Protecting Yourself From Loss: Cyber Insurance

Roughly 37% of music industry businesses have yet to purchase cyber insurance. This type of insurance protects your businesses from IT risks. In the event of an attack, it is possible for a music related business to receive a generous payout that can help mitigate losses caused by data breaches or information leakage. It is important to carefully read the policy, along with both an IT and legal perspective. From an IT perspective you can make sure that the policy is fair for the resources held by the business, and the legal perspective can make sure that the fine print is not working against your favor. These policies can be helpful, but only if the purchaser reads the information stated in the contract carefully.

In Conclusion

The shift towards remote work in the music industry has undeniably brought about a myriad of entertainment cybersecurity challenges and risks that live entertainment and music related organizations must address to safeguard their sensitive data and systems. The increased vulnerabilities in remote work environments, such as the use of personal devices, unsecured Wi-Fi networks, and the lack of physical security measures, have made it easier for cybercriminals to exploit weaknesses and gain unauthorized access. As live entertainment organizations continue to embrace remote work as a long-term solution, it is imperative that they prioritize cybersecurity and implement comprehensive strategies to mitigate the heightened risks associated with remote work environments. By staying vigilant, proactive, and investing in robust cybersecurity measures, organizations can enhance their resilience against cyber threats and protect their valuable assets in an increasingly digital world.

A Sneak Peek!

I hope that this week’s article provided your organization insight on how imperative it is for music and live entertainment related businesses to have a cyber defense plan. With music executives, artists, and professionals often working from home or the road, cybersecurity risks have increased exponentially. The following articles to come will provide more detailed insights and solutions to the cybersecurity issues presented here, covering the topics of leaked content, ransomware, third party vendor risks, and spyware.


(Stock images from and

About the author

Picture of Saee Patil

Saee Patil

Saee is a graduate student studying cybersecurity policy remotely with Brown University. Previously, she was an undergraduate student at Cornell. She is currently located in Miami, and is surrounded by the Miami musical scene! She loves running into musicians, rappers, and various other entertainers in the industry. Saee is interested in the marriage of technology and music; the emerging market consisting of AI generated music, auditory augmented reality, and virtual reality concerts piques her curiosity. She is looking forward to gaining experience this summer writing articles on cybersecurity as it pertains to the live music industry!
Share this post: