Cybersecurity for media vendor systems, software & services

EBU R 143

Cybersecurity for media vendor systems, software & services

This Recommendation provides guidance on cybersecurity safeguards that media organizations and media vendors should apply when planning, designing or sourcing their products and services.

Open file (pdf, 0.5 MB)

R 143 is composed of a comprehensive and detailed list of vendor and product security requirements. This version (2.2, dated April 2021) is unchanged from version 2.0, dated November 2020, other than for applying some editorial changes to both the recommendation and to its accompanying Excel spreadsheet to better align them. Thank you to our colleagues in NHK for identifying these issues. 

Annex

R 143 Security Controls Assertation (XLS file) - A checklist for vendors and those engaging in tenders, to help assertain how a product or service meets the requirements set out in R 143. This list helps to identify a vendor's capabilities to respond to the security safeguards during a tendering process, and should form the basis for setting minimal system acceptance levels.

Key words: Security, Services, Infrastructure, Broadcasting, IP, Software, Application, Cyber, Security Controls Assertation, Vendor, Vulnerabilities, Authentication, Password, Encryption, Certificate, PKI, Keys, Log, Incident.

Translations

The following translations of this document are available. Please note the translations may not be based on the latest version; see the year mentioned in brackets. These translations are courtesy of the translaters and hosted by the EBU 'as is'. The official and definitive version is the EBU English version.

Japanese version of EBU R 143 v2.2 [2021] - Warm thanks to EBU Associate Member NHK.

Russian version of EBU R 143 v.1 [2016] - Special thanks to EBU Member RTR.

All versions of this publication

Version 1 of this document was originally published in April 2016.

Version 2.0, a major revision, was published in November 2020.

Version 2.1 was published on 19 April 2021, containing some minor editorial changes with respect to Version 2.0.