In Broadcast - April 2018 - 17

17

www.inbroadcast.com | Vol: 8 - Issue 4 | April 2018

InForm

Cyber Security - WBU-TC
Approach To APAC And Beyond
By Dr Amal Punchihewa, Director Technology
and Innovation of ABU, Vice-Chairman of World
Broadcasting Unions' Technical Committee...

T

he media and broadcasting
industries have been experiencing
increased numbers of cyber threats.
The increasing trend possibly can be
attributed to some of the changes that
the media and broadcasting industries
are undergoing.
Industries are adopting Cloud services,
for financial or agility reasons, multiprotocol delivery of content over IP to
a wide range of consumer devices, OTT
services for direct consumer delivery
of digital content, IP-based technology
(e.g. SMPTE ST 2110) to support
the bandwidths and speeds of next
generation television systems. These
can broaden the threat and make
media and broadcast industries more
vulnerable to attack.
Recently reported cyber attacks on
TV5 Monde, Sony, Comcast, HBO are
some examples of major attacks in the
industry sector. Due to such attacks,
it may result in reputational damage
(news organisation), content piracy
(e.g., Game of Thrones), data leakage
(financial information, personal data,
emails, etc.), software/file corruption
or encryption (ransomware, etc.).
In certain situations, some of these
could result in a media/broadcast
operation's inability to service.
Response
In the North American Broadcaster
Association (NABA), cyber security
was first addressed by the Risk
Awareness and Continuity Committee
(RACC). They produced a requirement
document titled Cyber Security
Requirements for Vendor Products,
Hardware, Software and Services in
October 2015. NABA held its Cyber
Security Symposium in December 2016
in New York, which raised awareness in
broadcasting/media industry in North
America. As a result, NABA established
a Cyber-Security Sub-Committee of its
Technical Committee.
There has been a substantial
amount of work done in European
Broadcasting Union (EBU) in cyber
security. EBU has a well-established
Cyber-Security Committee and has

developed six Recommendations in
recent years:
* R141 - Mitigation of distributed
denial-of-service (DDoS) attacks;
* R142 - Cybersecurity on
Connected TVs;
* R143 - Cybersecurity for media
vendor systems, software
and services;
* R144 - Cybersecurity governance
for media companies;
* R145 - Mitigating ransomware
and malware attacks;
* R146 - Cloud security, including
procurement, architecture
and Cloud service provider
assessment.
At the Asia-Pacific Broadcasting Union
(ABU) we made a recommendation
in October 2016 in Bali during its
technical committee meetings. In
cyber security initiatives and actions,
the ABU has launched some studies
through its topic study areas of the
ABU Technical Committee. ABU-TC
is already collaborating with sister
unions, NABA, EBU and other relevant
organisations. ABU-TC collaborative
work enables us to share some of
the best practices adopted by those
organisations.
WBU is a collection of eight
broadcasting unions in the world.
Its Technical Committee - WBU-TC
- has created a subcommittee on
Cyber Security with a mandate to
establish and maintain best practice
recommendations to prevent, detect
and mitigate cyber attacks from
threat agents; establish minimum
cyber security technical standards /

practice). Recommendation addresses
Communications,
Authentication,
Controls, Documentation, Encryption
and Network Configuration.
The Recommendation document is
available at WBU website at https://
worldbroadcastingunions.org

The industry has sustained
some major cyber attacks

requirements to be incorporated by
equipment manufacturers and service
providers, including all forms of Cloud
services; develop consensus positions
on cyber securities issues in support
of the WBU-TC; provide assistance in
cyber security training and education
to Unions and their members as the
need arises, and represent WBU
positions on cyber security to external
forums.
Recommendation
WBU-TC has produced its first Cyber
Security
Recommendation
and
informed their members and industry.
This combined EBU, NABA, ABU and
other Unions input to produce WBU
Joint Cyber Security Recommendations
for Media Vendors' Systems, Software
and Services released in January, 2018.
Though recommendations to industry,
not requirements, it is strongly advised
to include in RFI's, RFP's and RFQ's
to industry to ascertain a potential
supplier's or product's level of cyber
maturity. This is a "living" document
that is to be reviewed annually.
The
recommendation
identifies
priorities of recommendations: P1
(critical), P2 (important), P3 (best

Basic Cyber Hygiene
The next WBU Recommendation will be
on Basic Cyber Hygiene. It aims to:
* maintain an inventory of every
physical device and system
in the enterprise;
* maintain an inventory of
every software platform
and application authorised
for use in the enterprise;
* ensure all software systems are
patched and operating systems
are at their latest release;
* institute proper Identity
Management (IM);
* institute Multi-factor
Authentication (MFA) and;
* institute Privileged Access
Management (PAM).
WBU-TC believes that by undertaking
the above steps they can prevent up to
about 70% of cyber attacks.
From a management or human
resource point of view, cyber security
function and issues need to be dealt
with at a Board of Directors' and
C-Suite due to risk to the enterprise.
Any cyber security programme
must be implemented throughout
the enterprise, including on-going
governance and risk assessment. It
requires: continuing education of
staff, on-going investment in cyber
security; and dedicated cyber security
group/department to "Protect, Defend,
Detect and Respond" to cyber security
threats - the four key elements of a
healthy programme.
Mitigation Measures
In conclusion, individual broadcasting
unions and the WBU are now engaged
and working diligently on cyber security. The first WBU recommendation to
Media Vendors' System, Software and
Services released to industry in January 2018 would be a great start to the
approach. Implementing basic cyber
hygiene can help to mitigate cyber security threats.


http://www.inbroadcast.com https://www.worldbroadcastingunions.org https://www.worldbroadcastingunions.org https://worldbroadcastingunions.org/

Table of Contents for the Digital Edition of In Broadcast - April 2018

Contents
In Broadcast - April 2018 - Intro
In Broadcast - April 2018 - Cover1
In Broadcast - April 2018 - Cover2
In Broadcast - April 2018 - Contents
In Broadcast - April 2018 - 4
In Broadcast - April 2018 - 5
In Broadcast - April 2018 - 6
In Broadcast - April 2018 - 7
In Broadcast - April 2018 - 8
In Broadcast - April 2018 - 9
In Broadcast - April 2018 - 10
In Broadcast - April 2018 - 11
In Broadcast - April 2018 - 12
In Broadcast - April 2018 - 13
In Broadcast - April 2018 - 14
In Broadcast - April 2018 - 15
In Broadcast - April 2018 - 16
In Broadcast - April 2018 - 17
In Broadcast - April 2018 - 18
In Broadcast - April 2018 - 19
In Broadcast - April 2018 - 20
In Broadcast - April 2018 - 21
In Broadcast - April 2018 - 22
In Broadcast - April 2018 - 23
In Broadcast - April 2018 - 24
In Broadcast - April 2018 - 25
In Broadcast - April 2018 - 26
In Broadcast - April 2018 - 27
In Broadcast - April 2018 - 28
In Broadcast - April 2018 - 29
In Broadcast - April 2018 - 30
In Broadcast - April 2018 - 31
In Broadcast - April 2018 - 32
In Broadcast - April 2018 - 33
In Broadcast - April 2018 - 34
In Broadcast - April 2018 - 35
In Broadcast - April 2018 - 36
In Broadcast - April 2018 - 37
In Broadcast - April 2018 - 38
In Broadcast - April 2018 - 39
In Broadcast - April 2018 - 40
In Broadcast - April 2018 - 41
In Broadcast - April 2018 - 42
In Broadcast - April 2018 - 43
In Broadcast - April 2018 - 44
In Broadcast - April 2018 - 45
In Broadcast - April 2018 - 46
In Broadcast - April 2018 - 47
In Broadcast - April 2018 - 48
In Broadcast - April 2018 - 49
In Broadcast - April 2018 - 50
In Broadcast - April 2018 - 51
In Broadcast - April 2018 - 52
In Broadcast - April 2018 - 53
In Broadcast - April 2018 - 54
In Broadcast - April 2018 - 55
In Broadcast - April 2018 - 56
In Broadcast - April 2018 - 57
In Broadcast - April 2018 - 58
In Broadcast - April 2018 - 59
In Broadcast - April 2018 - 60
In Broadcast - April 2018 - 61
In Broadcast - April 2018 - 62
In Broadcast - April 2018 - 63
In Broadcast - April 2018 - 64
In Broadcast - April 2018 - 65
In Broadcast - April 2018 - Cover3
In Broadcast - April 2018 - Cover4
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201904
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_NABSHOW2019
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201903
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_cabsat2019
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201902
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201901
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_INREVIEW2018
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201812
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201811
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_NewYork2018
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201810
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_inshowguide2018
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201809
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201808
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201806
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201805
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201804
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_NABSHOW2018
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201803
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201802
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_cabsat2018
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201801
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201712
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201711
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201710
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_NABSHOWNYexpo2017
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201709
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_inshowguide2017
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201708
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201707
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201705
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_NABSHOW2017
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201704
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_cabsat2017
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201703
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201702
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201701
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_INREVIEW2016
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201612
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_201611
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_NABSHOWNYexpo
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_20110708_DEMO
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_201610
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_inshowguide2016
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201609
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201608
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201607
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201606
http://europe.nxtbook.com/nxtbooks/lesommet/inbroadcast_APAC03
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201605
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_NABSHOW2016
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201604
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201603
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_cabsat2016
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_201602
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201601
http://www.nxtbook.com/nxtbooks/lesommet/inbroadcast_APAC02
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_201512
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_201511
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_CCW15expo
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_201510
http://www.nxtbook.com/nxtbooks/lesommet/inbroadcast_APAC01
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_201509
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_IBC2015
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_201508
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_201507
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_201506
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_BROADCASTASIA2015
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_201505
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_201504
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_NABSHOW2015
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_201503
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_cabsat2015
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_201502
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_201501
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_201412
http://www.nxtbook.com/nxteu/lesommet/inbroadcast_201411
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201410
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201409
http://europe.nxtbook.com/nxteu/lesommet/inbroadcastIBCPRINTEDGUIDE_201409
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201408
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201407
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201406
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201405
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201404
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201403
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201402
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201401
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201312
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201311
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201310
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201309
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201308
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201307
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201306
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201305
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201304
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201303
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201302
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201301
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201211
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201210
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201209
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201208
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201207
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201206
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201205
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201204
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201203
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_201202
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_20121201
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_20111011
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_20110708
http://europe.nxtbook.com/nxteu/lesommet/inbroadcast_20110506
http://www.nxtbookMEDIA.com