Skip to Content
Home Blog Don’t Risk it All; Protect Your Club and Members from Online Threats


Don’t Risk it All; Protect Your Club and Members from Online Threats

In 2015, IBM CEO Ginni Rometty said, “Cybercrime is the greatest threat to every company in the world.” Taking it further, billionaire businessman Warren Buffet told his Berkshire Hathaway shareholders cyberattacks are the “number one problem with mankind,” more so than nuclear weapons.

Cybercrime damages cost the world some $3 TRILLION in 2016. Experts predict those costs could double by 2021, representing the greatest transfer of economic wealth in history.

Cyberattacks threaten every business, every organization, every person with an online presence. What can a business – such as your club – or an individual do to protect themselves against cybercrime?

What Your Club Can Do

While data breaches at large businesses such as Target, Anthem, and Yahoo often make the headlines, the majority of data breaches affect small businesses throughout the U.S. Typically, small businesses do not have the resources to organize and fund a sophisticated IT security program. Hackers know this, which gives them an advantage when they target a business. Most unsuspecting victims find out about an attack when it’s too late. All it takes is one incident to cause significant financial loss and permanent reputational damage. In fact, insurance experts estimate that 60 percent of small businesses will go out of business within a year of having a major data breach. 

Alarming statistics confirm why hackers target small businesses. According to the Small- to Medium-size Business Threat Awareness Poll, 67 percent of small- to medium-size businesses do not use web-based security, and 61 percent do not use antivirus on all computers. Phones, tablets, computers and laptops typically access the infrastructure and at some point contain member data or access to member data (names, addresses, phone numbers, etc.). Software updates and proper protection on devices do not require an IT expert and are crucial to protecting company and member data. 

Best Practices to Protect Your Business  

In today’s environment of data-driven business solutions, it has never been more important for small-business owners to be proactive in understanding the threats to their business and invest in data-breach protection. 

Cybersecurity threats are an ever-evolving problem. Club owners and managers should be creating and updating IT policies to address newer technologies and the increasing cybersecurity threats. Policies should be reviewed at least annually and revisions communicated to your staff.  

Technology is an intimidating and complicated business tool. Coupled with other day-to-day business practices, it’s difficult for the average club owner or manager to keep up on the latest threats. Hiring third-party security experts to expose known threats and offer best practices is necessary. There are companies that specialize in ongoing penetration tests where a white hat hacker (an ethical computer hacker or security expert) will attempt to breach your systems. Following the test, you will be provided a detailed report of vulnerabilities. This report can serve as a resource as you develop and implement security measures to protect your data.   

Educate Your Staff and Boost Your Infrastructure

We think club owners would agree that their greatest assets are their employees. When it comes to dealing with members and guests, they’re probably correct. However, when it comes to cybersecurity, your employees are your biggest threat. According to McAfee, 43 percent of all company data loss or breaches are caused by employees. Whether intentional or not, the horror stories of data breaches often include employees. By simply clicking on an attachment or link in a malicious email, using unsecured Wi-Fi with their mobile device(s) or misplacing documents, your employees can inadvertently open your business up to a significant financial loss. 

Educating your entire staff is vital to protecting data. Employees trained on how to handle potential cyber risks can protect a company by creating a secure culture. If we compare this to TSA, which works to educate travelers to keep an eye out for suspicious behavior, employees should be protecting your club from suspicious activity as well. A number of easy-to-use and trackable training programs are available to help educate staff. Regular training helps to build an additional line of defense to ensure company and member data remain secure and protected from hackers and other online threats.

Your billing software likely houses all pieces of valuable member data. Most software allows for IP lockdown so that it can only be accessed via the company’s protected network or offsite through a secure VPN (virtual private network) connection. Any software that allows for two-factor authentication where it requires a username, password, and an additional authentication such as a text message or ping to a cell phone should be used.

Cybersecurity is something that should be taken very seriously by your club. Hackers work full time to find ways to penetrate your infrastructure to capture club and member data. They will do anything they can to gain financially from your oversight. Don’t risk it all; arm yourself with the tools to successfully protect your business from online threats. Contact your insurance agent or broker to discuss insurance policies that cover cyber liability and the costs incurred to respond to a data breach or threat.

What Individuals Can Do

It’s estimated that more than THREE BILLION people or 51 percent of the world’s population use the internet. By 2030, more than 90 percent of the world’s population or 8.5 billion people age 6 and older are expected to be internet users. Already nearly 90 percent of all Americans – approximately 287 million – use the internet.

That’s a lot of targets for hackers.

You know, of course, about the more than 145 million credit records stolen in the Equifax breach that netted the hackers valuable personal information such as names, addresses, phone numbers, and – most valuable of all – Social Security numbers. Those criminals can do a lot of damage to a lot of people.

People who are unsure if they are among the millions whose personal information was stolen should watch out for the following:

·         Phishing emails claiming to be from Equifax, allowing you to check to see if your data was stolen.

·         Phishing emails claiming there’s an issue with a credit card, your credit record, or other personal information.

·         Phone calls from someone claiming to be from your financial institution.

·         Fraudulent charges on your credit card.

Preventing Identity Theft

So, what can individuals do to protect their identity? We suggest the following:

·         Begin credit monitoring. Either do it yourself or use a credit monitoring service. Click here for a review of which method would be best for your situation.

·         Freeze your credit files at each of the three major credit agencies: Equifax, Experian, and TransUnion. Click here for advice on how to place a freeze on your files.

·         Check your bank and credit card statements carefully for any unauthorized activity.


David A. Harnois, CCM, is a proud employee owner of Affinity Club Underwriters, specializing in commercial and group program business. David provides insurance solutions for hundreds of clubs throughout the world. He may be reached at (973) 984-1000 x111 or at


Founded in 2007, Affinity Club Underwriters is a wholesale program insurance provider specializing in the club, golf and hospitality sector. They offer claims management services, operations and coverage audits, policy and information storage and archaeology, RFP preparation, market analysis, and help in developing specific loss control programs. Affinity is the exclusive provider of the Affinity Club Program for private and semi-private golf and country club venues. Affinity is the only insurance program administrator led by golf industry experts.  


Back to Top