Darktrace finds more than 80% of professional sports organisations impacted by cyber-incidents in the last 12 months as AI raises the cybersecurity stakes
Publish Date: 2026-06-11 04:20:00
Source Domain: www.intelligentciso.com
Using an unordered list, summarize the following article with between 4 and 8 key points.
New Darktrace research reveals 84% of professional sports organisations experienced a cyber incident in the past year, while growing AI adoption is creating new cybersecurity challenges across stadium operations, ticketing and fan engagement.
Darktrace, a global leader in AI for cybersecurity, has released new research showing 84% of professional sports organisations have experienced a cyber incident in the past 12 months. More than half (57%) were hit multiple times.
As the 2026 FIFA World Cup puts professional sport into the global spotlight, the new report, Cybersecurity in Global Sport: Threats, Signals, and Strategic Implications for a Digitized Industry, highlights how AI is changing the risk landscape for professional sports.
Attackers are using AI to create more convincing phishing emails, tailor lures to real teams, venues, sponsors, executives and events and move faster across complex digital environments. At the same time, sports organisations are adopting AI across their own operations, creating new blind spots for security teams.
Darktrace found that 83% of cybersecurity professionals in professional sports surveyed believe they have detected AI use in cyberattacks against them in the past 12 months, while 72% believe AI will increase cyber-risk over the next year.
That risk is amplified in professional sports, where live events, high-value data, public pressure, fixed schedules and large networks of partners and suppliers all intersect at once to offer attackers maximum publicity, profit and potential impact.
According to the survey, the average cyber incident cost sports organisations US$169,000 over the past 12 months. However, the real financial impact compounds: 57% reported being hit more than once and 43% reported between six and 10 incidents in a single year. For each of those organisations, the cumulative annual cost could climb to as much as US$1.7 million.
The wider impact goes beyond financial loss. In sport, a compromised executive account, fake fan communication, disrupted ticketing system or exposed athlete data can create deep and immediate public, financial and reputational damage.
Security concerns increasing as AI adoption rises
Within professional sports organisations, AI adoption is growing rapidly from the backroom to the pitch.
Security professionals surveyed for Darktrace’s research reported that stadium operations would cause the greatest impact if compromised in a cyberattack, cited by 34% of respondents. Yet more than a third (35%) said they are already deploying AI into those same operations or plan to in the next 12 months, bringing new risks in the area they can least afford to lose.
A similar pattern follows in other operational areas. One-third of respondents said they are using or planning to use AI for ticketing operations and fan engagement and 32% are using it for marketing operations and content generation.
At the same time, many remain concerned about integrating AI into those critical systems. Nearly half of security professionals cited risks introduced during AI development and deployment (47%) and AI prompt risks and attacks (47%), while 35% pointed to shadow AI as a concern.
As sports organisations expand AI use into increasingly critical operations, security teams need visibility into what AI tools can access and what actions they can take, how they interact with sensitive systems and data and whether the underlying AI infrastructure itself is being targeted or misused.
Phishing and identity remain high risks
Darktrace telemetry data shows that email and identity remain key attack paths for the sector.
The report found that sports organisations are particularly exposed to email phishing attacks, with Darktrace sports sector customers receiving nearly 20% more phishing emails than those in other industries.
Darktrace / EMAIL detected more than 116,000 phishing emails targeting sports sector customers across six months spanning October 2025 to March 2026. Of those, 21% targeted VIPs, 38% were spear-phishing attempts, 84% successfully passed DMARC authentication and 37% contained novel social engineering features.
“Professional sport is a high-pressure environment where timing matters,” said Nathaniel Jones, VP, Security and AI Strategy, Darktrace. “A suspicious login, unusual data movement, or unexpected AI agent action may look small in isolation, but during a live event it can become operationally significant very quickly. The most effective way to mitigate the risks facing sports organizations both internally and from external actors today is to adapt a behavioral approach to security. That means shifting away from rules and signatures and focusing on understanding both human and AI behavior inside your environment.”
Taking action to stay ahead of evolving risks
As the sports industry enters a new phase of exposure, behavioural approaches become increasingly vital to securing organisations and events. Security teams need to understand what normal looks like across the environments that matter most to sport: people, identities, email, stadium systems, suppliers and AI tools.
That behavioural understanding helps them detect threats designed to blend into normal activity, whether the risk comes from an external attacker, a compromised account or an AI agent acting outside its intended role.
In this environment, AI systems such as Darktrace / SECURE AI provide a vital foundation for security operations, delivering unified, real-time visibility across environments and machine-speed response to potential threats.
Building on that behavioural AI foundation, Darktrace highlights six priority actions for professional sports organisations to stay ahead of evolving threats:
• Threat modelling for emerging technologies, including AI misuse
• Rigorous supply chain governance and vendor access control
• Strong segmentation across IT, OT and fan-facing systems
• Identity-centric security with anomaly detection and universal multi-factor authentication (MFA)
• Phishing resilience across all channels, including QR-based vectors
• Operational playbooks aligned to live event constraints
