Cybersecurity for Broadcast

Cybersecurity For Operators, Broadcasters and Suppliers: Key Areas of Focus - $15

The media supply chain is extensive and many companies and organisations can be involved at different points as an original concept is developed and progressed towards a deliverable production. The level of awareness of cyber security issues within those organisations can vary, from extensive down to limited making the process only as strong as the proverbial weakest link in the chain.

In this talk we look at the key stages in the supply chain:
– Media Production
– Media Distribution
– Media Consumption

For each we examine the key areas of vulnerability (illustrating with real-world examples) and the security countermeasures that need to be invoked. We take a holistic approach where we consider the role of processes, technologies and people – the staff that work in these companies – in developing a robust cybersecurity strategy.

Johan Craeybeckx | Eurofins Digital Testing | Hasselt, Belgium

Cybersecurity Framework for Broadcaster - $15

From the onset of broadcasting industry,?be it radio, television, satellite or even streaming, “high-availability”?and “real-time”?services?have always been mission critical. With an ever-increasing shift from traditional broadcasting system to an IP-based infrastructure, media companies are inheriting risks associated with IP networks, and extended threat landscape. In addition, conflict with data ownership, protection and accessibility across functions (i.e. IT, broadcast engineer, production team and journalist) often complicates risk mitigation?efforts. In this paper, we propose a robust security architecture based on industry standards such ST2110 and NMOS framework coupled with best practices not only mitigating immanent threats but also equipping departments with tools, practices, and role changes in better preparation to cyberattack.

Most broadcasters find IT security, such as patch management as roadblocks to their operations. They on one hand struggle with audit compliance and on the other hand risk being off-air ? the most dreadful thought for a broadcaster.

Another challenge is the flexibility of creating content for Journalist and Production teams in a network environment that is segregating with multiple VLANs behind Firewall and other security devices. In a fast-paced environment, the content that goes through broadcasting Network to be ?On Air?, is often created using unsecure SMB share or FTP protocols, making the system vulnerable to risks associated with human-error, system misconfiguration, or simply intrusion of any kind.

In the proposal, we share case studies from our security reviews of leading broadcasting companies in Canada, and provide detailed explanation of the security architecture framework based on the following key points:
– Safeguard network traffic by introducing smart layered approach
– Limit reliance on excessive network devices to reduce network latency
– Introduce ?Transmission Gateway? as a unidirectional network layer restricting network flow from broadcast network to production network
– Securing network from external devices/files (i.e. USB, websites, etc.)
– Adopting secure IP protocols and protected channels necessary
– Securing interoperability between vendors by applying NMOS framework
– Analyzing and implementing integration touch points with ST-2110

Cybersecurity threats cannot be ignored especially for a broadcasting industry where a downtime of few seconds could cost millions in revenue let alone the reputation loss. The proposed framework is a step towards more resilient infrastructure and improved cyber hygiene practices, while maintaining network efficiency and scalability.

Yanni Garcia | Gemini Team Security | Arcata, CA, USA
Omeir Khan | Gemini Team Security | Arcata, CA, USA