Insiders threaten Creativity, Collaboration and Profits in Media & Entertainment Industry
The warning cry went out in 2018 when Forrester reported that the Media and Entertainment (M&E) industry were unprepared and that “More than half (51%) of media and entertainment firms experienced three or more cyber attacks over a 12-month period,” in a report commissioned by Hiscox. More disturbing was that “one-third of the survey respondents reported that they are either skeptical or not confident that their vendors’ cyber security strategies would protect their intellectual property and assets.” Unfortunately, M&E continues to be a primary target. M&E sees an immediate impact on profits when there is a data leak and is at the crux of the security challenges is the culture that makes M&E unique.
COLLABORATION DRIVES CREATIVITY
M&E not only depends on collaboration but thrives on it. Collaboration is considered a driver of success across M&E functions. Collaboration drives creativity. In a culture of collaboration, talent can be sourced on a global scale. This increases the number of ideas that get considered and increases the probability of ideas being widely accepted since they get vetted by a larger and more diverse group. M&E relies on collaboration across every stage of the creative, production and delivery process.
COLLABORATION BRINGS CHAOS
Collaboration works best in a transparent environment with a horizontal structure, typically one where security does not play a strong role. The horizontal structure increases the likelihood of accidental leaks. This is due to the opportunity for more people to make more mistakes and has led to the increase in careless or accidental insiders.
Another sign of chaos is the fact that the majority of organizations are suffering from data sprawl with data across rogue clouds. Clouds and the proliferation of collaboration apps including Office 365 have permanently changed the way people interact with each other and data. In a recent Cybersecurity Insiders report, 42% of security practitioners cited collaboration apps as one of their main concerns, followed by cloud storage and file sharing apps. As a result, there are inherent conflicts with security and the collaboration culture in the M&E industry.
Collaborative organizations are constantly changing and adapting so they require adaptive security. There are more tools for monitoring user behavior and productivity. Some of them are very intrusive, recording every minute of an employees day. The acceptance of these types of apps by fundamentally creative people is unlikely. Is it important to know how many breaks an employee takes - for most what is of utmost priority is protecting the sensitive data - the ideas represented in the stories that this industry produces. But how do you protect ideas?
Cyberhaven has innovated Data Behavior Analytics (DaBA) a data centric twist on UEBA where the story is told from the perspective of the ideas (the data) that people in creative industries are trying to protect. Ideas are fluid and data is becoming equally fluid as it moves through various forms from databases to emails, scripts, presentations and video. DaBA monitors the data continuously as users interact with it. Security and IT teams can follow the data no matter where it starts and where it goes - from the endpoint to the cloud. This provides security with visibility to the data sprawl and to the shadow IT that might be undermining security. The real-time visibility allows security teams to react with the appropriate measures to keep the ideas secure. Based on how users are interacting with data - it may be simply necessary to provide more training for users or it may be that removable storage devices like USB sticks needs to be blocked or more carefully monitored.
Cyberhaven believes that security will need to continue to evolve to meet the needs of how productive companies drive innovation. For many like M&E, innovation is driven via facilitating collaboration so that creativity can thrive. Insider Threats continue to plague not only M&E but all industries as Cyberhaven’s recent Insider Threat Report shows.
Topics: Insider Threat