Bringing more IT technology into the broadcasting domain has created new opportunities for media production and distribution, but it has also opened broadcast companies to new security threats. Media companies are increasingly targeted in massive security attacks. Each broadcaster, once targeted, will develop counter measures, but the sensitivity of such issues means other broadcasters fail to benefit from each other’s experiences.
If your organisation is not yet represented and you are an authoritative security personnel such as Chief Information Security Officer (CISO) you may join this group. The following broadcasters are already actively participating in the group : BBC, FT, NPO, ORF, RTÉ, RTBF, RAI, SSR, SVT, RTVE, TV2, VRT, WDR, YLE, ZDF.
If you come from one of the above broadcasters, please refer to your security officer for any input to the group.
- Dedicated to security experts from EBU Members, MCS raises awareness of the changes and increasing information security risks to senior management boards, and exchanges information on general media and broadcasting security threats. It also provides a platform for exchange of information on security incidents and information security related experiences among the Members of the group (e.g. phishing campaigns, attacks in newsroom environments, targeted malware attacks, etc.).
- The group also exchanges details of lessons learned from information security incidents, projects, internal procedures and best practices executed inside EBU members (technical, training, etc.) and defines for the long term, information security best practices for broadcast companies.
Recommendations
EBU R 141 - Mitigation of Distributed Denial of Service (DDoS) Attacks- EBU R 142 - Cybersecurity best practice for connected TVs and services
- EBU R 143 - Cybersecurity for media vendor systems, software & services
- EBU R 144 - Cybersecurity Governance for Media Companies
- EBU R 145 - Mitigation of Ransomware and Malware Attacks
- EBU R 146 - Cloud Security for Media Companies
- EBU R 148 - Minimum Security Tests for Networked media Equipment
EBU R 150 - Secure File Ingest Best practice for Media Companies- EBU R 160 - Vulnerability Management Procedure Toward Media Equipment Vendors
- EBU R 143v2 - Security Requirement for Media System Vendors.
- EBU R 161 - Responsible Disclosure Policies for Media Companies
EBU R 162 - Security Level Agreement for Media Companies Service Providers- EBU R 163 - Security best practices for Field Journalism.
- EBU R 164 - Security Guidelines for Outside Media Events.
- EBU R 165 - Security Maturity Benchmark for Media Companies.
- EBU R 166 - Information Classification Policy.
- EBU R 167 - BYOD Generic Governance Policy.
- EBU R 168 - Secure Software Development Lifecycle.