Developing a new breed of security to suit the new ways in which we consume content
The way in which we consume content has changed forever. Physical media and prescheduled TV and radio have rapidly given way to the convenience, accessibility, and range offered by streaming services. Independent content creators share the digital stage with the most well-established industry leaders, and numerous organisations have embraced the mantra that 'content is king', utilising online video as a key tool for building engagement with their prospects and customers.
To accommodate this new model, the sector's IT infrastructure is evolving to keep pace. Numerous organisations are looking to expedite the delivery of world-class content through Cloud transformation, in order to optimise flexibility, scalability, and cost control. This, in turn, allows for the sophisticated streamlining, automation, and personalisation that technologies like AI, big data, and machine learning can open up.
It's an exciting time for consumers and businesses alike, with near-unlimited volumes of high-quality content, tailored to viewers' most specific personal preferences, just a click away. But as with any new technological innovation, cyber criminals are already hard at work, looking to exploit any security weaknesses in media organisations' IT infrastructure. This can range from nuisance actions, such as vandalising webpages, to full-scale theft of intellectual property, with all the financial and reputational consequences that entails for the victim.
As far back as 2016, 28% of surveyed media organisations confirmed they had experienced a cyberattack, while 38% had experienced the loss of intellectual property, with many also reporting that their websites had been taken offline in the process1. In light of current geopolitical tensions, the threat of a successful cyber-attack has moved from something that organisations must treat as highly likely, to something that must be regarded as a near-certainty.
It's not if, it's when…
With film budgets frequently running into the hundreds of millions, they are a natural target for ransomware attacks, which continue increasing in frequency and sophistication. The embarrassment of a pre-release leak is damaging enough (as Netflix has found in 2021, when two of its most anticipated films were leaked on pirate websites prior to their official launch dates), but the threat can be even more serious than that. One just has to consider the large-scale hack that Sony Pictures experienced in 2014, when corporate data ranging from employees' personal information, to scripts, plans for future films, and several unreleased films was leaked online, after which wiper malware was used to delete its IT infrastructure. The attack was later thought to be the work of cyber terrorists sponsored by a foreign government.
This is the kind of worst-case scenario media organisations must be prepared for, which means they must both secure their content and ensure that their IT infrastructure can be safely and quickly restored in the event of a successful attack, without resorting to paying the criminals to do so.
Developing a media-ready model of cyber security
IT infrastructure has evolved considerably in recent years to optimise the delivery of streaming services and on-demand content, particularly with an increasing rate of Cloud adoption. At the same time, media professionals (including freelancers, are connecting from outside corporate infrastructure) communicating and collaborating remotely a large percentage of the time. The potential attack surface has thus grown considerably, particularly when it comes to accessing the intellectual property that hackers have long seen as 'low-hanging fruit'.
For this reason, a proactive approach to cyber security is essential. Organisations must constantly monitor the threat landscape - ideally with the support of a technology partner with proven experience in securing media assets - and ensure the latest intelligence is acted upon at the earliest opportunity.
Furthermore, with the increasing speed of Cloud transformation, security ecosystems must be Cloud-ready by design. Multi-Cloud and hybrid Cloud solutions are particularly advantageous in this regard, offering an extra layer of resilience and allowing for integration with existing systems and processes that are not yet suitable for digitalisation, while still taking full advantage of the Cloud's inherent flexibility and scalability. This opens up numerous opportunities for remote collaboration during project phases such as post-production, where teams do not necessarily need to be based in the same location.
Regardless of the type of Cloud solution utilised, it is essential that IT infrastructure can be restored as quickly as possible in the event of a breach - ideally in hours, not days. Air gapped disaster recovery solutions, utilising immutable backups that cannot be accessed or edited until a restoration is required, are ideal for this purpose. This way, critical assets (e.g. content that has yet to be released or viewers' personal data) can be kept completely secure at all times, then quickly restored in the event of a ransomware attack, eliminating any need to make ransom payments, and so effectively breaking the model of such attacks.
Leading-edge cyber security, tailored to the Media & Entertainment sector's unique challenges
The global Media & Entertainment sector is in the middle of a period of fundamental transformation, as viewers' relationship with the content they enjoy on a daily basis evolves, and creators and providers work to keep pace with this. While the opportunities are enormous, the cyber security challenges that this new model of content delivery has presented must not be neglected. Maintaining the absolute security of content throughout every phase of its development while still ensuring it is readily available to viewers will require close collaboration between media organisations and their technology partners and will very much be an ongoing process, as criminals continue developing their tools and tactics. To find out more about how Exponential-e is supporting the Media & Entertainment sector along its cyber security journey, click here.
Make it work, make it easy, make it cool.
The Media & Entertainment sector faces many unique challenges when it comes to organisations' IT infrastructure, as the drive to keep content readily accessible through multiple channels must be balanced against the need for scalability, cost control, and robust cyber security. This brochure sets out how Exponential-e utilises our full portfolio of solutions to solve these challenges, in order to transform the way world-class content is created, managed, and delivered.
Stay Informed
When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.
