The last decade has brought a massive shift in how broadcasting companies operate. Video-on-demand, mobile applications, and streaming services have diversified the way audiences access content and have put pressure on broadcasters to deliver media anytime, anywhere, and on any platform.
To keep up with consumer demands and remain competitive in the current market, media organizations have had to reshape their business models and consolidate operational procedures. This has often meant an increasing reliance on IT systems and the digitization of workflows. As the role of IT and intellectual property has grown, cybersecurity risks have begun impacting content, customer data, service, and business continuity.
Traditionally, broadcast technology infrastructure was often isolated, without internet access, and mainly hardware-based, so less exposed to cybersecurity threats. Nowadays, broadcast functions are based more and more on software and connected to internal and external networks, increasing the risk of external attacks and insider interference.
Broadcasting companies now face the challenge of setting up cybersecurity frameworks that cover broadcast media’s production chain end-to-end and address technology, procedural and human vulnerabilities. Many have taken inspiration from existing cybersecurity best practices such as the NIST Cybersecurity Framework and the Motion Picture Association of America (MPAA) ‘s best practices for content security or standards such as ISO 27001/27002.
However, there are a number of industry-specific concerns broadcasters need to consider as they build their cybersecurity strategies. Here are three of the most important.
Top security considerations for broadcasters
1. Vulnerabilities in the production and distribution chain
Confidentiality is key for broadcasting companies as it is essential for them to protect details concerning plots when it comes to movies and TV series, but also the secrecy of sources in case of investigative reports. However, broadcasters often rely on outside contractors and partners to process, finalize and distribute content.
Large files and isolated environments have made removable devices the transfer method of choice in broadcasting companies. As this is a necessary step in the production and distribution of content, companies cannot ban their use, but they can use encryption to limit access to files transferred using removable devices.
Data Loss Prevention (DLP) solutions like Endpoint Protector offer enforced encryption features that ensure that any files copied on removable devices are automatically encrypted with government-approved 256bit AES CBC-mode encryption. This means that no third party without a decryption key can access them. Even better, admins have the option of resetting passwords if they have been compromised and wiping devices remotely by resetting the device, effectively erasing all the files stored on them.
2. Insider threats
Employees themselves can sometimes be a broadcasting company’s biggest vulnerability. Having direct access to intellectual property (IP), they can easily exfiltrate data or cause accidental data leaks through negligence. And while some broadcast companies have chosen to isolate computers in the production chain to avoid potential leaks through the internet, this makes the use of removable devices a common method of transfer.
To prevent potential IP thefts, companies can use DLP solutions to limit the use of removable devices to trusted devices. This can mean devices that have a certain level of encryption, but also devices pre-approved by the company. These control policies make it easy for broadcast companies to track the use of removable devices and identify and log which employees have used which devices to copy sensitive files at what time.
3. Protecting data on all operating systems
Most broadcasting companies often run multi-operating system networks, with some predominantly using macOS. When it comes to cybersecurity, macOS is often neglected as it is considered more secure than other operating systems due to its Unix-based architecture and Apple’s focus on adding the latest security features to new versions of their OS.
What broadcasters need to keep in mind is that, while it’s true that macOS is more secure against outsider attacks, it is just as vulnerable to insider threats. Data can be copied from a macOS running computer just as easily as one running on Windows or Linux.
To ensure the same level of data protection across all its computers, broadcasting companies must look for the best cybersecurity solutions for macOS on the market. If they are running a multi-OS environment, they should focus on cross-platform solutions that offer feature parity between all operating systems, ensuring the same level of protection regardless of the operating system a computer is running on.
Download our free ebook on
Data Loss Prevention Best Practices
Helping IT Managers, IT Administrators and data security staff understand the concept and purpose of DLP and how to easily implement it.