BlueVoyant, an international cyber defence company, has today released the findings of a new report, “Media Industry Cybersecurity Challenges: A Vendor Ecosystem Analysis.” The research found that 30% of media vendors are susceptible to compromise via vulnerabilities discovered in their publicly accessible online presence. These critical vulnerabilities are known to be exploitable by malicious actors.
The media ecosystem is one of the most complex, which makes it challenging for companies to securely produce, distribute, and manage content. From concept to camera and from camera to consumer, media companies are dependent on vendors, service providers, partners, and technologies. Exploitation of the found vulnerabilities can lead to potential loss of content and operational disruption.
BlueVoyant undertook this research to raise awareness of cyber defence challenges media companies are facing and to help the industry better defend against attacks. The research was completed using BlueVoyant’s Terrain: 3PRTM (Third-Party Cyber Risk Management) platform. The platform identifies enterprises’ internet-facing software vulnerabilities and other exploitable opportunities with techniques similar to those used by external cyber attackers while profiling prospective targets.
The study was led by Joel Molinoff, BlueVoyant vice chairman and former executive vice president and chief information risk officer for CBS Corporation, and Dan Vasile, BlueVoyant vice president of strategic development and former vice president of information security at Paramount.
“The media industry is facing many cybersecurity challenges — from content leaks that directly impact revenue, to cyber attacks on distribution channels, and ransomware,” said Molinoff. “The report shows that media industry vendors are more susceptible to compromise than those in other industries. The silver lining is that the media industry can take proactive steps to improve its cyber defence posture.”
Other key survey findings include:
· The percentage of media vendors susceptible to compromise is double that of a multi-industry benchmark composed of all companies monitored by BlueVoyant
· Half of the most common media vendors providing Content Management solutions have been identified with potentially compromising vulnerabilities
· Timely patching is a significant issue for the media industry, with 60% of identified vulnerable systems still unprotected six weeks after a patch has been issued
“The digital supply chain is a common attack vector not only for the media, but all industries,” said Vasile. “In order to improve their cyber defence posture, media companies should continuously monitor their extended vendor ecosystem, using analysis to prioritise mitigation of the most critical findings.”