Latest News

October
02
2018

IBC Aftermath - "Risk, resilience and reputation: Being cyber secure across your entire organisation"

Fortium were lucky enough to be an innovation partner at the recent IBC Cyber Security Forum, taking part in a thought leaders' panel about the various threats facing Broadcast and Entertainment companies the world over.

One of the specific threats to Broadcast is the need for files to be edited and localized in near finished state, often passed from office to office, country to country. There will be a planned release window, to maximise either box office takings or viewership upon release. Any leak of media content before planned release can mean lower viewership and lower box office takings - not to mention a loss of reputation to the content owners or post-production company that was responsible.

At IBC 2018, our COO Ceri Coburn was able to explore the Cyber Security landscape in general for the entertainment industry, looking at how to maintain security for 1000+ people businesses and projects, involving several different companies across multiple continents. Some of the questions posed to our thought leader CISOs on the panel were:

  1. How are cyber risks different for broadcasting and entertainment, compared to other industries?
    • A TV show leak could seriously harm relationships with advertisers and put market plans out of place. A film loses 19.1% of revenue on average at box office if released online early.
    • A film will generate $100m box office revenue, what other industry has digital files or media worth that amount?
    • For TV shows, 15 per cent of UK users aged over 12 (nearly 6.7 million people) viewed pirated content in the three months between August and October 2017 - how is this combated 
  2. How difficult is getting cyber security buy-in from different departments? Do some think they are too trustworthy to be seen as a security gap?
    • Is security still seen as an IT problem? How do you challenge these views?
    • Is there a generational divide? A Ponemon Study this year said:
      • The average millennial is more than twice as likely to use an unapproved app or device in the enterprise network as compared to a baby boomer.
      • Baby boomers are highly vulnerable to social engineering-based identify thefts and phishing attacks.
      • Baby boomers are the most unaware of techniques of protecting confidential and sensitive digital information.
  1. How do you secure, not only your own organisation, but data or files sent to partner companies?
    • What are the commonly overlooked 3rd party security risks and how can organisations address them?
  2. Are we too occupied with hackers and cyber attacks, and should we instead be more concerned with accidental distribution from human error, from our own employees?
    • Employees are not likely to intentionally leak content or sensitive information as they are trusted users – should employers do more to protect them?
    • Since 2016, the average number of incidents involving employee or contractor negligence has increased by 26 percent, and by 53 percent for criminal and malicious insiders. The average number of credential theft incidents has more than doubled over the past two years, increasing by 170 percent. 
  3. As suggested by the last question, how do you keep employees aware of ongoing security risks?
    • You can only "tell" people what not to do and not to do so many times. Fake “phishing emails” are increasingly used
  4. What is the hardest thing about implementing security policy across 100s of employees?
    • Different countries, different systems, different needs, different travelling commitments and  different cultures mean security protocols need to adapt for each scenario - one size fits all rarely works.

     

We would like to thank our fellow panelists who joined our moderator Ceri on the panel during the show:

  • Mohamed Abuagla, former CISO/CTO of Al Jazeera
  • Adde Granberg, CTO of SVT
  • Luca Simonelli, Head of EMEAR Cisco Cloud Security (who managed to step in last minute!)

 

About Fortium: Fortium specialise in protecting sensitive content within entertainment. Our MediaSeal encryption at-rest software is used by major studios and over 250 post-production houses worldwide. It's multi-factor authentication ensure files cannot be accessed by unauthorised users. Find out more at www.mediaseal.com