The Problems of Cybersecurity in the Film & Media Industry
Date: 16 June 2022
The digitisation of the film and media industry has brought fantastic benefits to its stakeholders, allowing filmmakers and artists to save millions of US dollars and simplify their operational processes. However, no good thing comes without its share of problems and the case is no different for the media ecosystem.
As content creation and distribution has become more democratic and the use of cloud storage has amplified tremendously, cybersecurity as a concern has become increasingly significant to this industry like it is for many others.
In recent years, news about media and movie-making companies being attacked by Internet hackers appears on our news feeds more often than not.
One of the latest examples of attacks on intellectual property and sensitive personal data is the attack on Rupert Murdoch’s News Corp. Attackers, allegedly, hacked email accounts of journalists to get data about the confidential sources of their information.
Similarly, Norwegian media company, Amedia, suffered a massive cyberattack that apparently shut down the company’s systems such that it couldn't publish newspapers. Apart from affecting millions of its subscribers, the company lost out on huge amounts of advertising revenue.
However, the leakage of personal information of users and staff is not the only thing that the media and film industry has to deal with because of cyber-attacks. One of the biggest problems for this industry is the safety of its products in the production and post-production stages.
The popular HBO case illustrates the key threats for the film industry perfectly. Several episodes of the most iconic HBO shows, ‘Game of Thrones’ and ‘Orange is the New Black’ were leaked online, the latter in a ransomware attack. Sadly though, these examples are just the tip of the iceberg when it comes to the wreckage that cyber-attacks and ransomware attacks can cause to film and media companies.
Let’s take a look at some of the main cybersecurity-related problems that plague this domain.
4 Main Cybersecurity Concerns of the Film and Media Industry
1. Increased Reliance on Digital Tools: Tapes and film have become things of the past, giving way to digital cameras and cloud storage. While the progress in this direction is great, the use of cloud servers, video editing software, and other digital tools in movie production and post-production create vibrant playgrounds for cybercriminals. As the use of digital technologies and virtual storage platforms increases, so does the vulnerability of the players in the industry against cyber-crime.
Players in this space must pay serious heed to the cybersecurity infrastructure of the cloud platforms and other technologies that they use. This can play a vital role in the protection of their intellectual property.
It is also becoming increasingly important for production houses and media companies to build a strong cybersecurity team with good policies and procedures.
The team must also be trained in Cyber Incident Planning and Response so that they know what action to take and how to limit damage in case an HBO-like situation arises. Having a sound Incident Response Plan and basic Ransomware Readiness Checklists are good places to start from.
2. Partnerships with external stakeholders: It takes hundreds of experts to make one movie or show. This means that every project involves several external stakeholders such as special effects specialists, sound directors, engineers and many others. It’s difficult to keep a check or control on the security system of all these external partners.
So even if the company’s servers are well-protected and safe, there’s no guarantee that the hackers won’t find a weak link in the chain of specialists involved in the process. This is one of the reasons why film and production houses need to start looking at the cybersecurity of their external partners with greater attention.
It’s even worthwhile to bring external cybersecurity specialists on board, such as Virtual CISOs or Virtual Cyber Assistants, who can help the production house evaluate and determine their own breach readiness and that of their partners to some extent.
In fact, the time is not too far when film & media houses will have to assess the ransomware readiness and overall cybersecurity infrastructure of their partners with as much scrutiny as they evaluate their creative potential at the moment.
3. The Use of Unsecured Video Editing Software: Double-checking the source of the video editing software should become a good habit for every person working with video footage.
This is important because breaking the programme’s codes and filling them with malware is one of the easiest ways that hackers can break in.
Any type of software that is downloaded from the Internet, especially if it is for corporate use, should be licensed and received from official sources only. Even if you use open-source software, like Shotcut, it should come from its official website. Those who need a professional-grade programme for video editing packed in a user-friendly interface should consider options like the ultimate video editor by Movavi. Those who seek advanced VFX features may opt for LWKS or FXhome products.4. Underestimation of Cyber Threats
Vulnerability to cyber threats starts with underestimating the impact cyber-attacks can have on your business. While it may be an outdated and traditional point of view, many creative houses and artists often tend to believe that cybersecurity is a concern only for banks, financial institutions, large tech companies and such like.
However, this preconception is far from the truth. Unfortunately, this mistake is repeated year after year. Even large film and media organisations don’t invest adequately in bolstering their cyber defences. The result is leaked episodes, compromised data and ultimately loss of revenue.
Hiring reputable cybersecurity experts is the first thing that film and media companies need to start thinking about. Expert external specialists can help you conduct a cyber health check and mitigate your vulnerabilities over time. They can also help you strengthen your response strategies and build muscle memory through Cyber Tabletop Exercises that rehearse your Cyber Crisis Response Plans.