Cyber Security Is An All Industry Issue

Cyber security impacts everyone and every industry. One unifying comment from cyber security experts is the bad guys are mostly winning. The good guys are fighting the good fight and we each need to do our part. One of the more challenging aspects of cyber security is cyber policy, governance, guidelines and training. I call this “good cyber hygiene”.

As the broadcast industry has become largely computer based evolving away from proprietary hardware, it opens the door and reality to cyber threats. At the same time there are many challenges and obstacles to implementing a hardened cyber security threat protection system into a mission critical broadcast environment. Media does not play well with threat protection, broadcast applications struggle to maintain the high performance required by media applications while scanning and monitoring for potential threats.

After a few “close calls”, the live sports production community has elected to work together to develop a set of policies, guidelines and governance rules that are universal across suppliers, rights holders and broadcasters. The remote production companies get cyber security compliance requirements from all of the major broadcasters prior to major events. In many cases, the requirements overlap or are consistent across all the content owners. What they are hoping to achieve is an acceptable set of cyber governance guidelines and policies that embraces the requirements and concerns of the entire community and develop a common set that can be “standardized”, approved and enforced by all.

For any remote event, the broadcaster typically sends pre-produced packages or elements to the mobile truck on large removable disks or if the truck is network connected transferred and then moved to the appropriate production device. It’s not practical to scan terabytes of content right before a broadcast. The content originator should certify the media is clean.

However, the other potential threat condition is freelance technical operators (e.g. vision mixers/technical directors, graphic operators) that occasionally work from home on elements or their device profiles and bring it to a live event on their personal removable drives, that may also have been used for other non-production personal things and possibly gotten infected by a virus or malware. If left un-tested, it could infect the whole truck, interrupt the live broadcast and as media moves between truck vendors, possibly infect the entire compound. This can all be avoided by a simple scan of the removable drive on a dedicated threat scanning computer.

Cloud has complicated this discussion because cloud means access to open Internet, good grief. Unfortunately, once a computer based production device is allowed to access the Internet, human nature kicks in and people tend to surf, search, check email, etc., and this of course exposes the dedicated production computer/server to potential cyber threats.

Broadcast manufacturers are coming to the realization that they need to allow their products to co-exist with threat protection technology. If the financial community can support threat prevention and still perform high volume, high speed trading, then the broadcast manufacturers should be able to figure out how to optimize their products and not require the threat protection to be removed or disabled.

On one of my projects, the client’s IT department would not allow the vendor to disable threat protection on their servers. The vendor’s applications performed poorly or not at all, and blamed it on the threat product. The broadcast department couldn’t accept the poor performance of the product they spent a lot of money on. Fortunately, my client had enough clout to bring the threat vendor, the IT dept. and production vendor together, get them to work together and figure out a configuration that would work. The goal was to allow threat protection to run on the servers without compromising performance, it took a bit, but they were successful. It didn’t need to be as hard as it was!

Addressing cyber security is probably more about policy and governance than it is about technology. No technology will solve the challenge if the users are not willing to follow guidelines and policies designed to protect them not inhibit them from doing their jobs. The threat protection companies specialize in identifying threats and maintaining their products to provide protection. There is no need for production application vendors to get into the threat protection business, just enable the applications to co-exist in the same environment doing their respective jobs.

Production manufacturers need to work closely with the threat guys to find the optimum configurations to maintain the high-performance media requires. At the same time the production personnel need to follow good cyber hygiene policies to reduce the likelihood of a potential threat.

As the entire broadcast industry moves to implement ST2110, NMOS, leaf spine network, PTP and everything else, it is critical that threat protection and good cyber hygiene be given the same level of importance and priority.

Technology is not always the answer, good policies, governance and training are equally if greater in importance and value.

If the program doesn’t make it to air, whether it’s live or pre-recorded, the financial impact is far greater than the cost to prevent it.

Good cyber security hygiene is all about threat protection and governance that need to work hand in hand to avoid any disruption of program delivery. This impacts all areas of media - news, sports and entertainment and on any platform.

You might also like...

IP Security For Broadcasters: Part 1 - Psychology Of Security

As engineers and technologists, it’s easy to become bogged down in the technical solutions that maintain high levels of computer security, but the first port of call in designing any secure system should be to consider the user and t…

Demands On Production With HDR & WCG

The adoption of HDR requires adjustments in workflow that place different requirements on both people and technology, especially when multiple formats are required simultaneously.

If It Ain’t Broke Still Fix It: Part 2 - Security

The old broadcasting adage: ‘if it ain’t broke don’t fix it’ is no longer relevant and potentially highly dangerous, especially when we consider the security implications of not updating software and operating systems.

Standards: Part 21 - The MPEG, AES & Other Containers

Here we discuss how raw essence data needs to be serialized so it can be stored in media container files. We also describe the various media container file formats and their evolution.

NDI For Broadcast: Part 3 – Bridging The Gap

This third and for now, final part of our mini-series exploring NDI and its place in broadcast infrastructure moves on to a trio of tools released with NDI 5.0 which are all aimed at facilitating remote and collaborative workflows; NDI Audio,…