GRIMM: A Tailored Approach to M&E Security and Risk Assessments

Published 2018-04-25 at https://www.cdsaonline.org/2018/04/25/grimm-a-tailored-approach-to-me-security-and-risk-assessments/

Piracy and other cybercrimes continue to present major challenges for the media and entertainment (M&E) industry.

For the past six years, GRIMM has been offering security engineering and consulting services to government and commercial clients, including companies in the M&E and automotive sectors. GRIMM also develops and teaches advanced custom courseware and training programs in software and embedded system security.

The Media & Entertainment Services Alliance (MESA) recently discussed GRIMM’s strategies with Bryson Bort, founder of the Washington, D.C.-based company.

“At GRIMM, we believe the best way to thoroughly assess and remediate risk is to get to know a client: their business and culture along with the technical,” he told MESA. “In reality, the largest surface area vulnerable to cyberattack is the people working in a company. Without this focus, a vendor simply won’t get the necessary feel for each organization’s unique culture, internal norms and behaviors to prioritize support and provide tailored recommendations that speak to that business,” he said.

There’s also the need to assess the business itself, he said, explaining: “A security vendor can’t simply start hacking client systems; to do the job correctly, they need to first assess the practical constraints and business rules for each client’s situation because the violation of those is what matters. While other vendors offer technical prowess, it’s just not the same as truly understanding and supporting the business to this depth.”

That level of partnership that GRIMM forges with clients is “what sets us apart” from rivals, he said.

R&D and Experience

GRIMM offers security engineering and consulting services that are “backed by research and development in delivering what we refer to as the art of the possible in cybersecurity,” he said.

The company’s team is made up of leaders who have “deep cyber expertise in application security, software testing, embedded systems and industrial controls, consulting and training,” he noted, adding: “Within each of those domains, we offer penetration (pen) testing, red team emulation, customized data protections and development, and data identification and recovery. Our work is supported by a unique tool, called TRIKE, which enables us to codify business rules and assets. That’s really the definition of what’s interesting in a vulnerability assessment: to put things in the context of the business and its rule sets, so security can be strengthened in a practical, business-supportive way.”

With its many clients, GRIMM has worked with several relevant technologies, including content delivery management/networks, data storage, streaming, networking technologies, mobile applications and encryption.

“We can help M&E companies protect data and prevent piracy of intellectual property,” Bort said, pointing out GRIMM “recently worked with a major automotive manufacturer to up-level their security program and posture.”

The automotive sector faces “an interesting challenge in that the complexity and volume of systems included in a new vehicle requires the work of multiple internal teams and external suppliers, which often happens in silos,” he said, adding: “Given some internal constraints with our client, we needed to independently research information to perform our work. In that process, we discovered that six-and-a-half gigabytes of the company’s firmware was available on a Russian server. Another example was a client in the management consulting sector. Concerned with improving the rigor of their internal security, we were brought in to help them harden their enterprise. Within the first two hours of starting work, we found 14,000 instances of client data spillage on the dark web. Both of these examples of tracking down lost data are applicable to the interests of M&E companies, such as, for instance, film producers.”

Content Protection Approach

Another need is encryption to protect and control content, and GRIMM offers “deep expertise in this area, having performed numerous encryption implementations and reviews for enterprise, mobile and embedded systems,” he said, noting the company provided security services for the Cardano Ada cryptocurrency.

GRIMM began as a small start-up working on high-end government security projects.

Since then, it has “grown a substantial commercial practice serving a diverse range of industries,” Bort said, adding: “Because reliable, repeatable process is essential to our work, we recognized the need for a trustworthy tool to facilitate it. We use the TRIKE system that provides the key foundation of understanding a business. We’ve also built numerous penetration testing tools and release open source projects for the community. Because red teaming is so important to our clients’ success, we developed CROSSBOW in cooperation with a Fortune 50 company, an automated cybersecurity platform that enables organizations to quickly and easily validate their defenses. This technology was so powerful, with such promise, we spun it out into SCYTHE, where CROSSBOW is commercially available.”

The ability to control the movement of content — whether that is rapid streaming, preventing ransomware or theft, or managing access globally — is crucial in the media business today, he also said, explaining: “The sheer scale and speed are exponentially higher, as are the stakes, than even five years ago. High-profile exploits like those against Netflix and HBO reinforce the importance of managing risk in the content supply chain.”

Supply Chain Concerns

The supply chain provides a “significant challenge that M&E companies are still grappling with today,” he went on to say, adding: “Content developers depend on and have to entrust numerous third parties with their content, all the way to and through its distribution. Content distribution has changed dramatically in the age of 24/7 streaming to highly-targeted audiences. And, while massive amounts of content exist, the legacy of disparate computer systems housing it across the supply chain means most M&E companies don’t have a single, trusted view of it. That’s not only inefficient for the business, it increases vulnerability. Today’s digital format is unfortunately more susceptible to leakage; and the expanded volume of content produced increases the costs of associated risks exponentially. Thus, there’s a growing need for security among content distributors and others in the ecosystem.”

GRIMM helps address that challenge via third-party vendor security assessments across the supply chain, and by integrating technical protections for content such as source attribution and data tracking and retrieval, he said.

The company “helps pinpoint threat areas, assess and develop vendor management ecosystems and refine data resiliency programs, including access management,” he noted, adding GRIMM “saves on time, effort and loss by managing risks to data throughout its lifecycle.”

Top M&E Concerns

Data protection and piracy are “clearly leading concerns for M&E companies” today and will likely continue to be concerns in the future as well, he told MESA. “No one wants to be the next big breach headline,” he noted, adding: “There is still a long way to go in solving these problems since the size, speed and scope of threats continually evolves. While in the past it was common for specific companies or individuals to be directly targeted, we are now in a threat environment where there is risk of accidental ‘collateral’ damage. The open dissemination of powerful nation state-level computer exploits greatly contributes to today’s threat environment. Attacker access to this unprecedented knowledge led to blockbuster cyberattacks like WannaCry and NotPetya, which caused billions of dollars in collateral damage.”

Bort went on to predict: “More nation-state and military-grade capabilities and exploits will be exposed and released, especially as the cost of cybercrime continues to drop and the skills can be easily hired on the dark web. The rapid spread, scale and breadth of these attacks herald a future where this is the new norm.” As examples, he noted that the big threat news in 2016-2017 was ransomware, but now it’s crypto-jacking.

“Because of the high value of cryptocurrencies, more attackers are stealing your computer cycles to silently mine cryptocurrency,” he said, concluding: “Such attacks extend from computers to mobile to smart Internet-of-Things (IoT) devices – they go everywhere and apply to everyone. This paradigm shift should be a wake-up call for M&E organizations, and prompt different thinking about risk. The first step is recognizing that today we are all in this together. Basic security practices are not enough. Our mission is to work with clients to deeply assess and understand their business realities, then help strengthen their security environment to the hardened level appropriate for today’s threats.”
