by Debra Kaufman
Security has become an area of great concern in the media and entertainment industry, since the Sony hack in 2014. This year, TheDarkOverlord hacked Larson Studio and released most of the fifth season of Orange Is the New Black, and later hacked ABC's Good Morning America Twitter accounts. How worried should you be? And what can you do to protect your company? HPA spoke with security expert Ted Harrington, executive partner at Independent Security Evaluators to find out.
Awareness about security is indeed increasing. It is important to note, however, that the threats to M&E aren't necessarily increasing, but rather awareness about those threats. These challenges have existed all along. The Sony breach was a catalyzing event that heightened the urgency for organizations to approach security proactively rather than reactively.
Security is a business problem, not just an IT problem, and executives are starting to recognize it as such. Every major attacker category is interested in stealing content assets, and all for different reasons, which makes it an immensely difficult position for defenders to handle. That was actually a primary motivator for Independent Security Evaluators when we committed to working here years ago, because we love solving complex problems.
One of the most crucial cybersecurity areas is surrounding applications. Adoption of applications is very rapid, and is fundamentally changing the business of content creation and distribution. Applications also entail a vast collection of attack surfaces for adversaries to pursue.
Ransomware has gotten a lot of attention. According to Forbes, cybersecurity firm SonicWall reported about 3.8 million ransomware attacks in 2015, which skyrocketed to 638 million attacks in 2016. The best way to protect against ransomware criminals is proper offsite backup, and it's critical to note that many organizations don't set up backups at all. Or if they do, they do so improperly, and so the primary data and the backup data often get compromised in the same event.
Although some people still fear the putting content in the cloud, this fear is irrational. We find that most people fall into one of three categories: irrationally confident in the cloud, irrationally afraid of the cloud, or somewhere in between. We advocate that everyone should be in that third category. A healthy dose of skeptical paranoia combined with a reasoned approach to risk-taking is how executives should consider pretty much any business decision, including whether to adopt cloud services.
Content assets are more at risk in a cloud environment than in physical media, because the attack requirements are lower. However, it is worth noting that the only unhackable system is one that is disconnected and buried in concrete - and how usable is that system? All aspects of any business make tradeoffs, and there are ways to utilize cloud services that are effective in minimizing risk.
The primary risks of utilizing cloud services are the same risks as not using cloud services: exploitable design flaws, exploitable implementation flaws, improper configuration, broken trust models, and so on. Fundamentally, the only difference between cloud and on-premise is that someone else owns the hardware. The manner in which an organization must consider adversaries, architect systems, and protect assets are essentially the same whether or not they own the hardware. Cloud actually even offers some security upgrades: while the primary tradeoff of utilizing cloud services is that an organization entrusts the data to someone else's hardware, the benefit return is that the cloud service providers are constantly investing in hardware upgrades, have extreme physical security measures in place, and have the latest and greatest of everything. A company that manages their own equipment on premise usually tends to not invest as heavily or as frequently in upgrades.
All studios require their technology vendors to undergo some sort of security testing prior to approval to access content, and most require the vendors to pay for it. In many cases, all organizations on both sides of that equation do not understand the assessment methodology that is required, and there is usually a drive towards cheap pricing rather than through assessment. But security is not overhead to be reduced, it is a business enabler to be invested in.
Bigger companies tend to be the more common targets, but smaller companies tend to be lesser able to defend themselves or afford adequate security measures. At the same time, smaller companies tend to be the engines of innovation, and the bigger companies (such as the studios) partner heavily with smaller companies (such as many of the technology vendors). Attackers know this. Malicious campaigns are often organized around what is known as a stepping stone attack, which is targeted at the smaller vendor companies that have lower defenses but the same access to the extreme valuable content assets. In the event of a compromise, both the small company and the big company thereby get hurt.
Steps companies should take right now to protect themselves are to understand and adhere to principles of secure design. I recently wrote a whitepaper on this topic, which you can read here. My advice is to invest in a proper security assessment, and avoid more cursory approaches like black box penetration testing, automated scaring, or reliance on compliance. Investigate your systems for weaknesses from the perspective of the adversary. Because, whether you do or do not approach your security weaknesses thoroughly, make no doubt about this: the adversaries will.
Most recent headlines
05/01/2027
Worlds first 802.15.4ab-UWB chip verified by Calterah and Rohde & Schwarz to be ...
01/06/2026
January 6 2026, 05:30 (PST) Dolby Sets the New Standard for Premium Entertainment at CES 2026
Throughout the week, Dolby brings to life the latest innovatio...
02/05/2026
Dalet, a leading technology and service provider for media-rich organizations, t...
01/05/2026
January 5 2026, 18:30 (PST) NBCUniversal's Peacock to Be First Streamer to ...
01/04/2026
January 4 2026, 18:00 (PST) DOLBY AND DOUYIN EMPOWER THE NEXT GENERATON OF CREATORS WITH DOLBY VISION
Douyin Users Can Now Create And Share Videos With Stun...
18/03/2026
Newly named chief product officer (CPO), Larissa G rner Meeus will return to Net Insight on May 4.
Larissa G rner Meeus will become CPO of Net Insight on May 4...
18/03/2026
SVG Europe's The Football Summit 2026 explored how the sports broadcasting i...
18/03/2026
The 2026 NAB Show kicks off one month from today and SVG is once again set to cover the show from every angle. SVG's SportsTech@NAB Show Blog is now live - ...
18/03/2026
(L-R) The cast and crew of Dead Lover at The Ray Theater for its premiere at the 2025 Sundance Film Festival. (Photo by Robin Marshall/Shutterstock for Sundan...
18/03/2026
Yamaha C7 captured in Nashville
Wiltone Productions have announced the release of Music Row Piano, a deeply sampled Yamaha C7 piano library that's been ...
18/03/2026
Bass-enhancement plug-in upgraded
Along with a steady stream of new releases, Techivation have recently been revisiting some of the older plug-ins in their ...
18/03/2026
Mix-reference plug-in overhauled
iZotope's powerful mix-referencing plug-in has just reached its third major version, and now boasts a new capture proce...
18/03/2026
Latest EZKeys 2 expansion arrives
Toontrack's staggering collection of EZKeys 2 expansions has grown once again, and the latest instalment delivers a on...
18/03/2026
Jess Ho explores the politics of food in new SBS Audio podcast For The Culture
18 March, 2026
Media releases
New SBS Audio podcast For The Culture, hosted ...
18/03/2026
Future-ready broadcasts with ATSC 3.0 and enhanced services from Rohde & Schwarz...
18/03/2026
London Calling - When The Industry Convened to Help Streaming Find its MoJo In this blog, Laura Rognoni reflects on key discussions from the Connected TV World...
18/03/2026
SMPTE Unveils 2026 NAB Show Educational Presentations
Brie Clayton March 18, 2026
0 Comments
SMPTE , the home of media professionals, technologists, a...
18/03/2026
Auditel Ad Campaign Shot on Blackmagic PYXIS 12K
Brie Clayton March 18, 2026
0 Comments
LED wall virtual production blends 12K open gate acquisition w...
18/03/2026
Brainstorm transforms productivity and sustainability with Suite 7 at NAB Show 2...
18/03/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
18/03/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
18/03/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
18/03/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
18/03/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
18/03/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
18/03/2026
SMPTE , the home of media professionals, technologists, and engineers, today unveiled its educational presentations for the 2026 NAB Show. This year SMPTE will ...
18/03/2026
Maxon, maker of powerful, approachable software solutions for creators working in 2D and 3D design, motion graphics, visual effects, gaming, and more, today ann...
18/03/2026
Digital Alert Systems
Preview
2026 NAB Show
April 19 - 22
Booth C3452
At the 2026 NAB Show, Digital Alert Systems will showcase Version 6.0 of its DASDEC ...
18/03/2026
Setplex today announced that it will showcase its complete, fully integrated Zapflex platform for the first time at the 2026 NAB Show, introducing powerful new ...
18/03/2026
THIS ANNOUNCEMENT RELATES TO THE DISCLOSURE OF INFORMATION THAT QUALIFIED OR MAY HAVE QUALIFIED AS INSIDE INFORMATION WITHIN THE MEANING OF ARTICLE 7(1) OF THE ...
18/03/2026
COW Jobs: Seeking DP for Low Budget Dramedy - Chicago
Brie Clayton March 17, 2026
0 Comments
Seeking Director of Photography for Low Budget Dramedy Fe...
18/03/2026
COW Jobs: Seeking Gaffer for Low Budget Dramedy - Chicago
Brie Clayton March 17, 2026
0 Comments
Seeking Gaffer for Low Budget Dramedy Feature Film- I...
18/03/2026
COW Jobs: Seeking Location, Sound for Low Budget Dramedy - Chicago
Brie Clayton March 17, 2026
0 Comments
Seeking Location/Sound for Low Budget Dramed...
18/03/2026
COW Jobs: Seeking Child Wrangler for Low Budget Film - Chicago
Brie Clayton March 17, 2026
0 Comments
Seeking Child Wrangler for Low Budget Dramedy Fe...
18/03/2026
Calrec Redefines Broadcast Workflows at NAB 2026 with its Most Powerful Hardware...
18/03/2026
Oscar Nominated Two People Exchanging Saliva Posted with DaVinci Resolve Studio
Brie Clayton March 17, 2026
0 Comments
DaVinci Resolve Studio handle...
18/03/2026
Boston Conservatory Presents Celebrated Musical Satire Urinetown Performances for this Center Stage production will take place at Boston Conservatory Theater ...
18/03/2026
Charlie Puth Joins Switched on Pop at Berklee NYC The Berklee alum spoke with host and Berklee NYC professor Charlie Harding for a live taping, answering audi...
18/03/2026
X-Rite Pantone Demonstrates Advanced Color Management Solutions to Support Smart...
18/03/2026
Wednesday 18 March 2026
BAFTA winner James McAvoy to star in Sky Original serie...
18/03/2026
Wednesday 18 March 2026
Sky Sports and Zuffa Boxing announce multi-year agreement for the UK and Ireland
Sky Sports and Zuffa Boxing have announced a new mult...
18/03/2026
Wednesday 18 March 2026
Sky Unveils Poster and Trailer for Original Feature Fil...
18/03/2026
Wednesday 18 March 2026
UP NEXT: Sky presents a bold slate of new, premium acquired content
Sky reveals slate of newly acquired premium drama and comedy, as i...
18/03/2026
Wednesday 18 March 2026
UP NEXT: Sky unveils an unmissable genre-spanning slate...
18/03/2026
Back to All News
Preparatevi Alla Terza E Ultima Stagione De La Legge di Lidia ...
18/03/2026
Back to All News
Netflix Drops Teaser and First Look Images for The Chestnut M...
18/03/2026
New Playout-to-Delivery Capabilities Elevate ATSC 3.0 Experiences, Lower DTV In...
17/03/2026
NASA+'s Rebecca Sirmons and Brittany Brown offer unique look at live streami...
17/03/2026
The transition to IP has fundamentally reshaped professional media infrastructures. Video, audio, and increasingly metadata now circulate as independent, precis...
by Debra Kaufman
