Protecting Media Assets – Risk and Resilience

The sudden shift to remote working within the media industry saw an incredible turnaround, with workflows being instated quickly to ensure that quality content creation could continue. Existing media tools were adapted to enable workers from around the globe to access content and contribute to production, all whilst the industry came to terms with wider logistical challenges. A quick rollout of infrastructure saw big changes in how the industry managed their assets; suddenly, data that would have been very difficult to access needed to be available to workers from their homes.

As time has progressed, cybersecurity issues started being noted within the industry. Hackers realised that there was an opportunity to exploit the quick changes that had happened within networks; both online media systems and communications channels were an obvious target. According to ThoughtLab, the average number of cyberattacks and data breaches increased by 15.1% in 2021 from the previous year. Ransomware has been one of the most documented cyber threats in recent years; so how can media companies reduce the risk of cyber-attacks on their media assets?

Understanding the Challenge

It’s important to get to grips with how hackers attack media companies and their assets. Media assets are hugely valuable, and both gaining and restricting access to this data is extremely beneficial for hackers. The well-documented 2014 Sony hack is an example of the magnitude of damage that hackers can cause; unreleased films were leaked online, security threats were made, and emails amongst employees were shared to the press.

Ransomware centres around encrypting data to prevent access; this method became efficient in recent years, with hackers choosing to cause maximum disruption through only encrypting parts of files. This can include encryption of file system names and metadata indexes. This does not take long and can render data completely inaccessible. Spyware and viruses are also other common methods of causing upheaval within organisations and must also be considered when focusing on cybersecurity. With high-value media assets at stake, the industry is an attractive opportunity for hackers and, therefore, it is important to review networks and assess any potential access points. 

Who is at Risk?

It’s important to acknowledge that every media company must review how content is being stored and how it is accessed; cybersecurity attacks should be expected, and organisations must be prepared. Security should be integrated within media networks and entire infrastructures should be centred around safeguarding content. The entire network must communicate securely, regardless of workflow requirements or integrated applications, and it is important not to make assumptions regarding the levels of security being provided.

Some adopted cheaper NAS services during the quick setup of remote working systems and moved entire libraries of content to them; in these instances, it is important to check the levels of security being delivered by the provider. Legacy platforms can also be left exposed to attacks and can often be overlooked when upgrading solutions. The value of content, both new content and old archives, is huge for broadcasters. Cybercriminals are looking to exploit this through routes into media storage systems that might not be immediately obvious. So, what can organisations do to enhance security within their networks?

Steps to Creating a Secure Media Network

There are several methods which can reduce the business’ susceptibility to the effects of a cyber-attack:

• Immutability is possibly the most important tool to utilise when managing content and data. It can completely protect data from being changed or deleted by ransomware, as the ransomware never has access to the O/S.
• Disaster recovery methods ensure that copies of content are saved securely, often off-premises, to prevent hackers from having sole access to data.
• Auditing is a simple and quick way of monitoring all access to content and is especially valuable when remote access is factored in. A full protected audit of actions on the cluster, can ensure that you have a visual on every read and update within the file.
• Ensuring your media library is accessed only by API is hugely important as it restricts access from common protocols and protects the route to media for only those users with the correct credentials.

Digital Content Governance (DCG) utilises a mixture of these steps and is fundamental in providing layers of security, as well as auditing, to ensure that security is integrated throughout each layer of the system. Exposing all of your content via a file-based system leaves it vulnerable and, therefore, employing a purpose-built storage system that adheres to high standards of DCG can mitigate the damage caused in the event of a hack.

Integrating Security at Every Level

With hackers approaching cyberattacks with increasingly sophisticated and intelligent tools, media organisations who leave security as an ‘add-on’ are at risk of losing control of their assets. The inherent value of media is a highly coveted prize, and the reward has been clear for those hackers who have attacked major players within the industry.

Global working has opened-up the way we access content remotely and systems must have an integrated, multi-layer approach to security to circumvent the loss of data in the event of an attack. A single layer of security is not enough; criminals are experts in finding routes around seemingly robust methods. Building a system from scratch which utilises good DCG practices from its foundations, including its interactions with interoperable apps, will provide the best level of protection possible.

Every media business should anticipate a cyber hack and, with the correct tools, feel confident that they have enough mitigation techniques in place to stay in control of their assets. To future-proof the media industry for long-term remote and hybrid working, we need to manage risk effectively by building resilience from the ground up.