Written by
Published on 19 Feb 2019

By Renaud Presty, Director of security at Globecast

Cybersecurity is one of the top priorities on the agenda of media industry players for 2019 and rightly so. We’ve all seen in the media cyber attack stories, includes stories that affect many in the industry. It concerns all aspects of our society, including politics and our private lives, and the majority of governments have now built strong Cyber Command organizations to be able to respond to any potential threats. Industry players have also taken critical steps to protect their assets, leveraging well-established CERTs organizations and security management systems. Meanwhile, social engineering types of attacks, such as doxing and multiple forms of data stealing/re-use, are also disrupting our private lives. With the European GDPR regulation enforcement in place since May 2018, it’s clear that security measures to protect personal data are essential.

Increasing content redistribution threats

This is also of critical importance to content protection and media industry services. With the increasing content redistribution threat, with new forms of video piracy via live streaming, peer-to-peer video delivery, credentials sharing, or Kodi applications, for example, on set-top boxes, smart TVs, or other access devices, traditional content protection measures need to be revisited, with premium content online enforcement programs and new forms of security services programs. Also, where in the past head-end platforms were isolated, the threat model is now evolving with the arrival of new internet-based services, with multiple interconnected platforms and widespread use of common software and network tools. Security programs will have to be reinforced in order to address piracy crises.

Cybersecurity recommendations for 2019

Here are the three recommendations for 2019:

  • Think about how you detect, and how much time you need to detect and analyze, security events.
  • Do not take processes and organizations for granted. Deploy a continuous security improvement plan with continual assessment of the robustness of installed security measures.
  • Integrate digital security into new solutions and services design from day one, starting from the think phase down to deployment.