Cyber security impacts everyone and every industry. One unifying comment from cyber security experts is the bad guys are mostly winning. The good guys are fighting the good fight and we each need to do our part. One of the more challenging aspects of cyber security is cyber policy, governance, guidelines and training. I call this “good cyber hygiene”.
As the broadcast industry has become largely computer based evolving away from proprietary hardware, it opens the door and reality to cyber threats. At the same time there are many challenges and obstacles to implementing a hardened cyber security threat protection system into a mission critical broadcast environment. Media does not play well with threat protection, broadcast applications struggle to maintain the high performance required by media applications while scanning and monitoring for potential threats.
After a few “close calls”, the live sports production community has elected to work together to develop a set of policies, guidelines and governance rules that are universal across suppliers, rights holders and broadcasters. The remote production companies get cyber security compliance requirements from all of the major broadcasters prior to major events. In many cases, the requirements overlap or are consistent across all the content owners. What they are hoping to achieve is an acceptable set of cyber governance guidelines and policies that embraces the requirements and concerns of the entire community and develop a common set that can be “standardized”, approved and enforced by all.
For any remote event, the broadcaster typically sends pre-produced packages or elements to the mobile truck on large removable disks or if the truck is network connected transferred and then moved to the appropriate production device. It’s not practical to scan terabytes of content right before a broadcast. The content originator should certify the media is clean.
However, the other potential threat condition is freelance technical operators (e.g. vision mixers/technical directors, graphic operators) that occasionally work from home on elements or their device profiles and bring it to a live event on their personal removable drives, that may also have been used for other non-production personal things and possibly gotten infected by a virus or malware. If left un-tested, it could infect the whole truck, interrupt the live broadcast and as media moves between truck vendors, possibly infect the entire compound. This can all be avoided by a simple scan of the removable drive on a dedicated threat scanning computer.
Cloud has complicated this discussion because cloud means access to open Internet, good grief. Unfortunately, once a computer based production device is allowed to access the Internet, human nature kicks in and people tend to surf, search, check email, etc., and this of course exposes the dedicated production computer/server to potential cyber threats.
Broadcast manufacturers are coming to the realization that they need to allow their products to co-exist with threat protection technology. If the financial community can support threat prevention and still perform high volume, high speed trading, then the broadcast manufacturers should be able to figure out how to optimize their products and not require the threat protection to be removed or disabled.
On one of my projects, the client’s IT department would not allow the vendor to disable threat protection on their servers. The vendor’s applications performed poorly or not at all, and blamed it on the threat product. The broadcast department couldn’t accept the poor performance of the product they spent a lot of money on. Fortunately, my client had enough clout to bring the threat vendor, the IT dept. and production vendor together, get them to work together and figure out a configuration that would work. The goal was to allow threat protection to run on the servers without compromising performance, it took a bit, but they were successful. It didn’t need to be as hard as it was!
Addressing cyber security is probably more about policy and governance than it is about technology. No technology will solve the challenge if the users are not willing to follow guidelines and policies designed to protect them not inhibit them from doing their jobs. The threat protection companies specialize in identifying threats and maintaining their products to provide protection. There is no need for production application vendors to get into the threat protection business, just enable the applications to co-exist in the same environment doing their respective jobs.
Production manufacturers need to work closely with the threat guys to find the optimum configurations to maintain the high-performance media requires. At the same time the production personnel need to follow good cyber hygiene policies to reduce the likelihood of a potential threat.
As the entire broadcast industry moves to implement ST2110, NMOS, leaf spine network, PTP and everything else, it is critical that threat protection and good cyber hygiene be given the same level of importance and priority.
Technology is not always the answer, good policies, governance and training are equally if greater in importance and value.
If the program doesn’t make it to air, whether it’s live or pre-recorded, the financial impact is far greater than the cost to prevent it.
Good cyber security hygiene is all about threat protection and governance that need to work hand in hand to avoid any disruption of program delivery. This impacts all areas of media - news, sports and entertainment and on any platform.
You might also like...
Felix Krückels is a certified audio engineer who graduated from the Detmold University of Music and has been involved in immersive audio since 2012. He was there when NHK launched its Super Hi-Vision project with the help of Lawo.
Whenever I’m asked about my opinion on the transition to IP, I always state that the impact can’t be appreciated until its history is understood. This brings into context the need for broadcasters to educate and surround themselves wit…
With the emergence of the cloud into the media production and delivery space, the broadcast and media industry must embrace an entirely new approach to acquiring and deploying technology. Large capital expenditures (CapEx) are increasingly being replaced by operating expense …
It seems almost superfluous today to specify that audio is digital because most audio capture, production and distribution today is done numerically. This was not always the case and at one time audio was primarily done without the help of…
There is level and then there is loudness. Neither can be measured absolutely, but by adopting standardized approaches it is possible to have measurements that are useful.