Cybersecurity for media vendor systems, software & services

EBU R 143

Cybersecurity for media vendor systems, software & services

This Recommendation provides guidance on cybersecurity safeguards that media organizations and media vendors should apply when planning, designing or sourcing their products and services.

Open file (pdf, 0.4 MB)

R 143 is composed of a comprehensive and detailed list of vendor and product security requirements. This version (2.1, dated April 2021) is unchanged from version 2.0, dated November 2020, other than for some strictly editorial corrections (capitalisation of defined terms, correction of two typos). 


R 143 Security Controls Assertation (XLS file) - A checklist for vendors and those engaging in tenders, to help assertain how a product or service meets the requirements set out in R 143. This list helps to identify a vendor's capabilities to respond to the security safeguards during a tendering process, and should form the basis for setting minimal system acceptance levels.

Key words: Security, Services, Infrastructure, Broadcasting, IP, Software, Application, Cyber, Security Controls Assertation, Vendor, Vulnerabilities, Authentication, Password, Encryption, Certificate, PKI, Keys, Log, Incident.


The following translations of this document are available. Please note the translations may not be based on the latest version; see the year mentioned in brackets. These translations are courtesy of the translaters and hosted by the EBU 'as is'. The official and definitive version is the EBU English version.

Russian version of EBU R 143 v.1 [2016] - Special thanks to EBU Member RTR.

All versions of this publication

Version 1 of this document was originally published in April 2016.