Innovation and new technology are changing the way digital media is consumed faster than ever before. The roll out of 5G networks and compatible mobile devices will only accentuate such change. Across the broadcast and media industry, the benefits of digital transformation cannot be overstated. From creating high-quality and high-speed on-demand content for consumers to flexible workflows, the possibilities are endless. Tech-savvy viewers increasingly provide a market for data-intensive, UHD content, consuming content online, offline, and on-demand. In turn, throughout the industry, traditional broadcasters have been seeing aggressive competition from over-the-top (OTT) operators such as Amazon Prime and Netflix.
To face up to the challenge from these new players, traditional broadcasters are starting to cooperate with each other and are creating their own on-demand channels where people can consume linear and non-linear content. IP and Cloud services have been an enabler to this. However, with all this proprietary and sensitive data floating around in the cloud, businesses within the sector must be aware of the risks that follow. Initially, the traditional media and broadcast industry has been slower than others in adopting cloud computing, however more recently it has been catching up at pace, cementing its place as one of the leading industries as the fourth transformation takes hold. Nonetheless, when organisations move to a cloud-based IT environment, it’s imperative that they examine how they manage security around content.
From Game of Thrones, to Orange Is The New Black and to Disney (the latter of which is launching its own cloud-based streaming service, Disney+, next year), content can be hacked and held for ransom. This shouldn’t be surprising, considering the price that unreleased episodes can fetch on the dark web. Take Game of Thrones: last year, an anonymous hacker poached scripts and unaired episodes of HBO’s seventh season of Game of Thrones, then leaked a selection on the Internet. Subsequently, the hacker sent a series of cryptic and elaborate emails to key members of the media, drawing their attention to the leak.
In the emails, it was claimed that the hackers had stolen as much as 1.5 terabytes of raw data from HBO — nearly seven times as much data than that purloined from Sony in 2014. In exchange for stopping the leaks, the hacker demanded $6 million in Bitcoin from HBO executives, as revealed in court papers. To this day, HBO has not commented on whether or not the ransom was paid. Evidently, if victims don’t pay up, there’s a palpable threat that cyber criminals will unleash spoilers into the world.
As broadcasters move away from traditional legacy technology, such as the traditional format of Serial Digital Interface (SDI), towards Internet Protocol (IP)-based networks, it is inevitable that they will face higher risks from cyber security breaches. This is due to the distributed nature of an IP environment — and, therefore, a greater cyber security attack surface — alongside growing global IP hacking skills. To compound these inherent risks, a breach originating from the corporate side of a broadcaster or content provider (typically an IP environment) could find its way over to the broadcast side of the business once migrated from SDI to IP. As such, there are certain security steps organisations must take to safeguard themselves and their content.
Above all, cloud-based content should go hand-in-hand with securely encrypted and redundant cloud storage, which ensures business continuity and disaster recovery. A vendor-agnostic cloud management platform (CMP) complemented with cyber security services can not only provide a competitive edge by enhancing the organisation’s operational agility, it can also protect the Broadcasters’ ‘corporate’ environment, securing their multi-cloud services and the entire IP connectivity chain in between. By monitoring for external vulnerabilities, different attack vectors from outside the network can be prevented. At the same time, internal vulnerabilities can be identified by analysing the configurations of devices within scope to see how their security posture can be better aligned and hardened. Combining this with robust network intrusion detection, anomalous behaviour originating within applications, networks, systems or data access can be detected, flagged and addressed before anything gets seriously out of hand.
Moreover, outsourcing this to an external provider can relieve broadcasters — both traditional and new entrants — of the time and technical constraints of this effort. In an industry where firms are evolving fast, sometimes it’s simply not possible to skill up as they evolve and neither can they leave data security to chance. Their brand and future growth depends on them being able to demonstrate that they take data governance extremely seriously.
Partnering with an external provider can ensure that security protection has a global reach and a rich range of supporting services to speed up innovation and enhance end-user experience. For example, data policy and controls can be automated, allowing for effective end-to-end lifecycle management that adheres to regulatory compliance standards, which can be monitored in real-time.
By following these steps, neither broadcasters nor consumers need to worry if anything slips up, safeguarding not only their businesses but also their consumers from spoiler sprees. Organisations can be empowered to distribute content over IT networks, migrate their network to a shared cloud platform, secure their content, and deliver their end content in a way that users want to consume it — safely, at high-speed, and in high-quality.