Media content security

Protecting content from prying eyes

In the M&E industry, media content is the revenue stream and the competitive differentiator that sets an organization apart from everyone else.

Content security has become a major priority for every industry player defending networks, data, and computers against unauthorized cyber breaches, attacks, or damage. Securing content from theft is important to protect an M&E organization’s standing in the marketplace and critical to building the audiences that underpin the media business model.

The consequences of attacks go beyond the financial. They affect operations and public perceptions. In 2016, Broadcasting & Cable and Video Edge magazines surveyed media and entertainment executives on cybersecurity concerns.¹

Twenty-eight percent of survey participants said their organizations had experienced a cyberattack or cyber breach. Many reported that one or more corporate websites had been forced offline because of an incident. In addition, 25 percent of those surveyed said that corporate data had been breached as a result of a cyberattack. Thirty-eight percent said they had suffered a loss of corporate intellectual property.

¹"Security concerns in the media and entertainment industry," DCN, January 5, 2016.

Back to top

Cybersecurity threats to M&E content

In recent years, content breaches due to cyberattacks have emerged as a major threat for M&E organizations, including the direct costs of investigating and responding to cyberattacks and data breaches, as well as the indirect costs of ameliorating the damage.

Additionally, the risks and complexity of securing content are amplified because of disparities in size, function, and security capabilities among organizations within the media supply chain ecosystem. According to the best practices report from the Motion Picture Association of America (MPAA), there are 14 types of facilities that may provide services or handle content prior to release.² Some of these facilities have become gold mines for hackers.

When M&E organizations entrust proprietary content to external business partners, they inherently expose themselves to risk. Downstream suppliers and distributors present ideal "soft" targets to gain access to the valuable content of the major media creators. And these risks often materialize into actual breach incidents. At the highest level, third-party incidents can result in reputational damage, non-compliance, or even criminal activity, which can negatively impact earnings and shareholder value. Organizations need actionable roadmaps to support cybersecurity for their enterprise that includes facilities and third parties within the media supply chain ecosystem.

² Content security best practices: Common guidelines, Version 4.03, Motion Picture Association of America, Inc., July 18, 2018.

Back to top

Develop a structured approach to content security

M&E organizations should begin with a review and assessment of their current practices for the handling of content.

A number of innovative approaches exist for M&E organizations to enhance content security:

• Encryption technology
• The "analog hole"
• Digital fingerprinting
• Blockchain
• Watermarking

Once the M&E organization understands internal content security mechanisms, leadership should also consider the third parties that engage with content through the media supply chain ecosystem. Relevant stakeholders should be educated on their responsibilities for the handling and security of content, including an understanding of how it’s developed, stored, transferred, and even potentially destroyed.

Back to top