Richey May Tech: Remote Working a Daunting Security Challenge

Ransomware, piracy, spoilers, leaks … Hollywood’s list of concerns is a constant reminder to keep your security at the forefront.

But while the protocols were pretty straightforward before the pandemic — security guards, ID badges, door access control, wired air-gapped networks, firewalls, CCTV, secure file-transfer, etc. — things have changed considerably in just a couple months.

The overall threats remain the same, but protecting against them is a new world, according to Michael Wylie, director of cybersecurity services for Richey May Technology Solutions.

“Here comes 2020,” he said May 12, speaking at the Cybersecurity & Content Protection Summit (CCPS), being held digitally as part of the NAB Show Express experience. “We no longer have those things. Work-from-home is our greatest threat.”

“Businesses activated their business continuity plans overnight,” he said. “It was a very quick transition, and a lot of people didn’t plan on it. In the media and entertainment space, some organizations had remote workflows, but others who we work with who weren’t so secure in their cybersecurity hygiene didn’t have a plan.”

The list of work-from-home security concerns that have been revealed are daunting: mass phishing campaigns, roommates and kids who can access home computers, insecure Wi-Fi networks, no firewalls, no central logging, sensitive conversations and screen-sharing on Zoom, all-time high usage of VPN and remote-desktops … it’s enough to make any CISOs head hurt.

“Computers were moved from secure studio facilities to employees dining room tables,” Wylie said. “2020 has brought a lot of new risks.”

There needs to be a new way of thinking about your cybersecurity, where prevention of attacks and threats is ideal, but detection has become an absolute must. M&E companies should be securing the endpoint as a new perimeter, developing a COVID 19 exit strategy, improve remote security architecture, and constantly keep current with the latest COVID 19-related threats, review policies and procedures, Wylie said.

“Securing creative in the year of breaches means detection is a must, and securing the endpoint as a new perimeter. Think of the endpoints as layered security,” he added. “Ask whether you need more controls in place.”

Presented by Richey May Technology Solutions, with sponsorship by Akamai, Cyberhaven, Microsoft Azure, SHIFT, Convergent Risks, and the Trusted Partner Network (TPN), the Cybersecurity & Content Protection Summit focused on the latest cybersecurity and content protection challenges studios, broadcasters and vendors alike are facing during the ongoing pandemic.

Produced under the direction of the Content Delivery & Security Association (CDSA) Board of Directors and content advisors representing Amazon Studios, Adobe, Paramount, BBC Studios, NBCUniversal, Lionsgate, WarnerMedia, Amblin Entertainment, Legendary Pictures, and Lego Group, this year’s Cybersecurity & Content Protection Summit looked ahead at the challenges facing the security community in 2020 and beyond.