Media and entertainment (M&E) businesses, like any other industry, face a barrage of cybersecurity threats that can compromise their sensitive data, disrupt operations, and damage their reputation.
Unlike some other industries, however, M&E businesses are highly public facing, work with valuable copyrighted intellectual property (IP), and often deliver time-critical services such as on-demand video streaming. In such an environment, the financial and reputational damage of a significant cyberattack or data breach can be even more devastating than usual.
Indeed, the threats faced by M&E businesses are varied, severe, and ongoing – but there are ways to mitigate them. Here’s a close-up shot of how M&E companies navigate the world of cybersecurity.
Cybersecurity in Media and Entertainment
A recent analysis by S&P Global Ratings showed that threat actors mostly target sectors with extensive customer data or that provide critical or time-sensitive services, such as telecommunications and M&E.
Additional research from security firm BlueVoyant shows that three in 10 media vendors are susceptible to compromise via vulnerabilities discovered in their publicly accessible online presence. Because M&E companies typically work with several vendors this could leave some companies vulnerable to supply chain-style attacks. The proportion of vulnerable media companies was found to be double that of a multi-industry benchmark composed of all companies monitored by BlueVoyant.
Despite these issues, M&E tends to have a relatively advanced cybersecurity posture than some other verticals. This is largely thanks to the faster pace of digital transformation in the M&E industry. M&E self-regulates through the use of digital rights management and content protection tools such as secure software to transfer and store data.
The industry has also developed the Motion Picture Association’s Trusted Partner Network. It’s a rigorous third-party assessment of a vendor’s security posture, and is essential to do business with a major studio.
The Most Common Cyber Threats Facing M&E
It’s no secret that much of the M&E industry has gone remote more so than other business verticals – from video editing to other post-production tasks such as visual effects (VFX) or color grading, remote workflows scattered across various regions are now extremely prevalent.
MovieLabs, a not-for-profit joint venture founded by major Hollywood studios, called for the mass adoption of cloud-centric technologies to support remote workflows in its 2030 Vision position paper.
While these remote workflows are highly productive and convenient, they’re also more difficult to secure. And that’s a big reason why two of the most significant attack vectors for M&E companies are insecure personal endpoints (e.g. mobile devices) and household IoT devices.
As security professionals know, every connected device in your home – even smart light bulbs – are a potential attack vector that must be secured.
Other risk factors in M&E include:
- The sensitive and highly valuable nature of the industry’s intellectual property (IP).
- Long chains of custody on many projects, with several different people from different companies working with a single media asset (this also applies to video assets circulated for advance screenings and award shows).
- Delays in patching and updating on-premises systems; the BlueVoyant report noted that more than half of media companies don’t update their systems for up to six weeks after a patch is released.
- The high dependence of M&E companies on third-party vendors. It just takes one vendor with lax security standards to open firms to a potential supply chain attack.
The fragmentation of the streaming market (among other factors) has also led to a notable upswing in content piracy, with visits to piracy websites jumping 12 percent over the past four years.
And even though ransomware attacks do happen to M&E firms, this technique isn’t as serious of a threat as in some other industries – at least when it comes to the major studios. That’s because many M&E companies are mandated to keep off-site data backups as part of their insurance policies.
So what kind of cyberattacks afflict the M&E business the most?
Phishing
Phishing and spear phishing attacks to gain stolen credentials are very prevalent in M&E, with industry watchers noting an increase in the number and sophistication of these types of attacks against streaming platforms last year.
Phishing attempts against content creators on YouTube and other platforms have also increased recently.
Employee security awareness programs can help because they train employees to better recognize and avoid phishing attempts. Other mitigation techniques include email filtering systems and identity and access management (IAM) tools such as multi-factor authentication (MFA) to guard against stolen credentials.
Data leaks
Most M&E phishing attempts have one primary goal: To acquire and leak valuable intellectual property, such as unreleased video or audio content.
Other data leaks sometimes spring from a lack of cloud expertise within media companies. A lack of cloud expertise can easily cause misconfigurations, which can then lead to insecure storage buckets easily accessed by bad actors.
This threat can be mitigated by encrypting sensitive data using strong encryption algorithms such as AES-256 and TLS 1.2. Implementing zero-trust architectures, conducting regular security audits, and monitoring for unusual network activities can also help prevent data breaches.
Supply chain attacks
Supply chain attacks are a notable risk for M&E firms with on-premises systems, because they require staying on top of software patches and updates (which many companies, unfortunately, do not do). Some companies take months to get around to patching or updating their systems.
While some see on-prem setups as more secure than the cloud, they actually only provide the illusion of security. That’s because every software installation introduces third-party code into your system, which is a potential attack vector.
Many M&E companies have moved to secure cloud platforms – which come with enterprise-grade security tools out of the box and don’t require manual updates or patching – to help alleviate supply chain threats.
How Media Businesses Can Thrive in a Climate of Escalating Security Risks
Organizations of all stripes face a climate of ever-escalating cyber attacks. But research shows that M&E businesses are especially vulnerable for many reasons, including the many vendors involved, the industry’s reliance on remote workflows, and the public-facing and valuable nature of their businesses and IP.
Cybersecurity is a major reason why many M&E businesses and major studios have moved their operations to either cloud or hybrid cloud systems. Although on-premises systems may intuitively feel more secure due to their physical location, the cloud is inherently more secure and comes with enterprise-grade encryption, security, and authentication tools as standard features. Cloud providers also patch and update systems as required within minutes – not weeks or months – to keep systems up-to-date and secure.
It all adds up to more secure workflows for M&E businesses – which, at the end of the day, means more great shows, movies, music, and other entertainment products for the rest of us.
This post is authored by Majed Alhajry, CTO at MASV, a cloud-based large file transfer service that works with hundreds of M&E companies and studios. Majed’s passion lies in discovering novel solutions for complex technical problems. He is an expert in the transfer of large files, local and global, as well as in networking acceleration technology and application layer protocols.
