NAB 2015 Attendees: Is Your Security Model Threat-Centric?
Cyber-Security: it has always been important for video entertainment companies. But times have changed- now it’s mission critical. Top of mind again this last few days, the events of the last 6 months have proven this point. If cyber-protection is not bullet-proof, any video entertainment company is living on borrowed time… and that bill is going to come due with potentially disastrous consequences.
There is a second change going on: security at video entertainment companies used to focus on protecting content in the distribution chain – DRM, CAS and the like. But there are many more ways to lose content – many more places in the “connected” production chain where content can be stolen. For instance, as has happened in the last few months, if an attacker can gain access to a connected data center, that attacker can simply steal content from disk drives and publish it, completely circumventing the security mechanisms in the distribution chain. It may be counter-intuitive, but protecting premium content actually helps grow revenue.
Those of us in the video business, have done a good job protecting content in the cyber-distribution chain, but if content is stolen from data centers before it gets to distribution, this is irrelevant, becoming a classic case of barring the door after the horse has bolted. The implications are clear. Every video entertainment company must look to its defenses. And those defenses must cover the whole value chain – every part of the company – because whole-enterprise security is only as strong as its weakest link.
So if we all need rock solid, end-to-end security, how are we doing? The data points suggest not that well…In addition to the disastrous outcomes we have all seen and can name, there are plenty of telling statistics. Most telling of all, for me, is that the average business maintains disparate security systems, from malware and firewalls, to DRM and cryptography, from as many as 45 different vendors. With an environment like this, how can any company understand what its overall security situation is? Is there a hole which none of the 45 vendors address? Or, contrastingly, are multiple vendors focused on the same problem?
For these key reasons, an end-to-end, “cloud to ground” security topology is increasingly difficult for broadcast and studio enterprises to sustain. Especially considering the diversifying threat environment they face, and the complexity of the protection ecosystem they have deployed.
What to Do
Cisco proposes- as we will demonstrate on the NAB Show floor this week, the adoption of an integrated threat-centric security model, which anticipates, protects and contains security vulnerabilities across the threat continuum.
A threat-centric security model defines what to do before, during and after a security breach. In other words, comprehensive security – firewalls, content encryption and access control methods, for example – are critical preparations for an attack, but are they enough? We need to be able quickly recognize an attack is occurring, identify the nature of that attack and deploy countermeasures to contain it. How do we do that? , Likewise for the “after” of a security breach: the immediate damage is done, but what can be done to quarantine affected components, restore lost data, resume operations and prevent similar breaches in the future.
And finally, how do we integrate all these aspects of security into daily operations? Especially when the industry is simultaneously moving to an open, virtualized operational model, using cloud components.
These are key questions to ask, when considering the future of your security environment. And when it comes to putting together a threat-centric system, we have the answers. Our threat-centric security solutions provide the unmatched visibility, consistent control and protection for broadcast and studio enterprises. And our VideoGuard Security Solution already protects more than $100 billion in annual global pay TV revenues; We’ve been at it for more than 25 years. We’re deployed across cloud, network and premises. We’d love to show it to you! Come see us — NAB booth #N802.
Tweet us with your pictures, questions or comments at @CiscoSP360.