Cyber Security in Media



In the past decade, media and entertainment companies have embraced digital technologies that help them not only create and deliver their products in new and compelling ways, but also collect, store and use a massive amount of data to gain deeper insights into their customers. The digital revolution has fundamentally changed virtually every aspect of media and entertainment companies’ business and technology. Closed, end-to-end controlled and proprietary networks are giving way to multi-service and multi-protocol delivery over IP to consumer-owned devices such as smartphones, tablets, smart TVs, and PCs.


The pressure to maintain an ‘always on’ service on the one hand, and to keep their reputation as a company on the other hand, makes that media and entertainment companies are very vulnerable to cyber attacks.


That’s the reason we set up a seminar about cyber security on the 12th of December.


The program:
 
12h30 | Welcome & registration - (sandwiches provided)
 
13h30
| Keynote Tom Van de Wiele | Principal Security Consultant, Cyber Security Services F-Secure, Danmark
 
Hackers love your cloud services
With organizations depending on cloud based services, criminals have caught up in attacking the infrastructure and the users of outsourced services. Organizations want assurance about their security maturity with or without the cloud. F-Secure’s Tom Van de Wiele will talk about some of the trends that come with outsourced security. Or the lack there of.
 
14h10
| Abdul Hakim | Senior Project Manager, Digital Production Partnership, UK
 
Building confidence in the supply chain
The DPP's Committed to Security Programme, launched at IBC 2017, was developed with security professionals drawn from the DPP Membership. The Programme is designed to help suppliers in the media industry demonstrate their commitment to security best practice, and to enable customers to buy with confidence. Within just a few weeks of launch 50 companies have already applied to the scheme.
 
So why has the Committed to Security Programme gained such widespread and rapid adoption?
 
This session will explore the philosophy behind the programme, how it works, and what it takes to be awarded the Committed to Security Broadcast and Production Marks. 
 
14h30
| Dr. Susanne Guth-Orlowski | VP Business Development & Sales, castLabs, Germany
 
Different levels of security in the Video Content Business
- DRM requirements from Studios/Content Owners. DRM as a service for VOD and LIVE content. Showing the entire content flow (including secure playback: Player Hardening for Software-based DRM)
- Using a cloud-based service. Is that secure? Introduction of Secure Cloud Technology AND Security Audits (and how they make cloud-based service secure)
- Using DRM in the content postproduction. Introducing new fields of DRM with a case study.
 
14h50
| Pascal Geenens | Cyber Security Evangelist EMEA & CALA, Radware
 


Battle of the IoT bots - How IoT Changed the DDoS Threat Landscape
2017 may already be defined as the year of IoT threat.
With millions of vulnerable IoT devices directly accessible on the internet, a new breed of botnets have emerged which affected the DDoS threat landscape as the economy of the attack. For the price of a coffee, anyone can now order and perform DDoS attacks with the ability to disrupt services and online businesses for hours, days or even weeks. The number and volume of DDoS attacks have grown into a global threat that impacts everyone with an online presence. Be it for ransom, competitive edge, hacktivism or retaliation by disgruntled customers and employees.

Spawned from last year's Mirai botnet, the IoT threat landscape has become so vast that vigilante bots are now purposefully destroying vulnerable devices. IP cameras, DVRs, routers are enslaved and taking part in armies of bots which benefits its herders millions by selling DDoS-as-a-Service packages, while grey hats are looking for unconventional solutions to solve an unconventional problem.

Join to learn about the impact of IoT on the economy of the DDoS attack and how it affected the DDoS threat landscape. Discover the most common exploits and vulnerabilities abused by current IoT bots and the unconventional solution provided by vigilante bots.

Understand how the current state of IoT makes you a potential target for DDoS and how to protect against these new threats.


15h10 | Break
 
15h30
| Alessandro Esposito| Edge Services Lead | EU South, Amazon Web Services EMEA SARL
 
Secure web applications, using AWS DDoS protection services
Distributed denial of service (DDoS) and other web attacks can affect your application's availability, compromise its security, and consume excessive resources. AWS Shield and AWS Web Application Firewall (WAF) help secure your applications from these types of attacks. AWS Shield is a managed DDoS protection service that offers always-on detection and automatic inline mitigation to minimize application downtime and latency. AWS WAF is a web application firewall that helps protect your applications from common web exploits such as SQLi, XSS, and botnets. This introductory tech talk will provide you an overview of these services.
 
15h50
| Heidi Rakels | CEO, Guardsquare
 
Mobile application protection: threats and solutions
Mobile applications have become so familiar that barely anyone thinks about the threats to which they are exposed. In our presentation, we will discuss reverse engineering and the different attack vectors it opens. We will focus in particular on common threats to media service applications (both Android and iOS) and elaborate on real-life attacks our research has uncovered. To conclude, we will outline how code hardening techniques and run-time application self-protection (RASP) mechanisms can mitigate the discussed threats.
 
16h10
| Gerben Dierck | Information Security Officer, Network & Security Architect, VRT

High profile cyberattacks in the media
In recent years, a number of media companies have made the news after suffering a cyberattack resulting in losing sensitive data or significant downtime. Let’s have a look at what we can learn from the experience of our unfortunate colleagues at TV5, Sony or HBO.
 
16h30 |
 Mike Elissen | Senior Solutions Engineer, Akamai Technologies
 
Understanding the Broadcasting Threat Landscape
Broadcasters’ enterprise information systems and broadcast technology systems have never been connected until recently. This change in architecture towards increased connectivity bring many positives; however, it also opens up broadcasters to an increasing range of information security threats. New concerns such as DNS security, DDOS-attacks, Protecting APIs, remote access security, and PII confidentiality have already been highlighted by recent industry events.
 
16h50
| Bart Gabriëls | System Engineer, Fortinet


There is almost an unlimited array of tools that Hacktivists and Cyberterrorists can use to prevent access to your network. Sophisticated DDoS attacks create not only Layer 4 volumetric assaults, but also target Layer 7 and DNS services where much smaller attack sizes can hide the attacks from cloud-based mitigation methods. To combat these attacks, you need a solution that is equally dynamic and broad-based. Fortinet’s FortiDDoS Attack Mitigation appliances use behavior-based attack detection methods and 100% hardware based detection and mitigation using security processing units (SPUs) to deliver the most advanced and fastest DDoS attack mitigation on the market today.


17h10 | Laura Coman | Manager | Risk Advisory | Cyber, Deloitte Consulting & Advisory

The Strategy of a Cyber Secure, Vigilant and Resilient Company
 


Traditional Cyber Security programmes often struggle in unifying the need to both secure and support technology innovation required by the business.


We will walk through the optimal path towards preventing, detecting and responding to Cyber Threats in an efficient manner: from assessing and identifying your company’s priorities to the definition and complete implementation of the processes and technical solutions.


17h30 | Drinks & Networking


With sponsorship of