THE STATE OF MEDIA SECURITY HOW MEDIA COMPANIES ARE SECURING THEIR ONLINE PROPERTIES

Similar documents
TechValidate Survey Report: SaaS Application Trends and Challenges

AKAMAI CLOUD SECURITY SOLUTIONS

Survey: Global Efficiency Held Back by Infrastructure Spend in Pharmaceutical Industry

DIGITAL TRANSFORMATION IN FINANCIAL SERVICES

CIO INSIGHTS Boosting Agility and Performance on the Evolving Internet

AKAMAI THREAT ADVISORY. Satori Mirai Variant Alert

MULTIPLAYER GAMING SOLUTION BRIEF

How your network can take on the cloud and win. Think beyond traditional networking toward a secure digital perimeter

and indeed live most of our lives online. Whether we are enterprise users or endpoint consumers, our digital experiences are increasingly delivered

Cybersecurity. Anna Chan, Marketing Director, Akamai Technologies

Video-Aware Networking: Automating Networks and Applications to Simplify the Future of Video

Perimeter Defenses T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN

SOLUTION BRIEF. Enabling and Securing Digital Business in API Economy. Protect APIs Serving Business Critical Applications

AKAMAI SOLUTION BROCHURE CLOUD SECURITY SOLUTIONS FAST RELIABLE SECURE.

VIDEO ON DEMAND SOLUTION BRIEF

2018 GLOBAL CHANNEL PARTNER SURVEY THYCOTIC CHANNEL PARTNER SURVEY REPORT

Evidence-based protection of web resources a must under the GDPR. How the Akamai Intelligent Platform helps customers to mitigate risks

2015 VORMETRIC INSIDER THREAT REPORT

Enterprise D/DoS Mitigation Solution offering

IBM Cloud Internet Services: Optimizing security to protect your web applications

Q&A TAKING ENTERPRISE SECURITY TO THE NEXT LEVEL. An interview with John Summers, Enterprise VP and GM, Akamai

CONTENT-AWARE DNS. IMPROVING CONTENT-AWARE DNS RESOLUTION WITH AKAMAI DNSi CACHESERVE EQUIVALENCE CLASS. AKAMAI DNSi CACHESERVE

Preparing your network for the next wave of innovation

Securing Your Amazon Web Services Virtual Networks

Cyber War Chronicles Stories from the Virtual Trenches

Security

THALES DATA THREAT REPORT

Securing Your Microsoft Azure Virtual Networks

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

Make security part of your client systems refresh

Best Practices in Securing a Multicloud World

Enterprise Overview. Benefits and features of Cloudflare s Enterprise plan FLARE

SOTI SUMMER [state of the internet] / security ATTACK SPOTLIGHT

Building Resilience in a Digital Enterprise

Have breaches declined since the massive Heartland Payments leak in 2008? What proportion of breaches are the result of hacking?

Imperva Incapsula Website Security

The Top 6 WAF Essentials to Achieve Application Security Efficacy

The Guide to Best Practices in PREMIUM ONLINE VIDEO STREAMING

Achieving End-to-End Security in the Internet of Things (IoT)

The Interactive Guide to Protecting Your Election Website

A custom excerpt from Frost & Sullivan s Global DDoS Mitigation Market Research Report (NDD2-72) July, 2014 NDD2-74

The Emerging Role of a CDN in Facilitating Secure Cloud Deployments

Building a Threat Intelligence Program

MarkMonitor Dark Web and Cyber Intelligence TM Dark Web Threat Intelligence to Protect Against Cyberattacks

Security in India: Enabling a New Connected Era

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

KNOWLEDGE GAPS: AI AND MACHINE LEARNING IN CYBERSECURITY. Perspectives from U.S. and Japanese IT Professionals

Q&A TALKING CYBER SECURITY WITH THE BOARD OF DIRECTORS. An interview with Josh Shaul, VP, Web Security Products

Imperva Incapsula Survey: What DDoS Attacks Really Cost Businesses

Vulnerability Management Trends In APAC

Delivering Cyber Security Confidence for the Modern Enterprise

HyTrust government cloud adoption survey

align security instill confidence

AKAMAI WHITE PAPER. Enterprise Application Access Architecture Overview

IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation

Imperva Incapsula Product Overview

Skybox Security Vulnerability Management Survey 2012

Defense in Depth Security in the Enterprise

AKAMAI WHITE PAPER. Security and Mutual SSL Identity Authentication for IoT. Author: Sonia Burney Solutions Architect, Akamai Technologies

DIGITAL TRUST AT THE CORE

THALES DATA THREAT REPORT

akamai s [state of the internet] / security

The State of Cloud Monitoring

Shadow IT in the Enterprise

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

Network Security Protection Alternatives for the Cloud

Why Enterprises Need to Optimize Their Data Centers

INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.1 SUCCESS AKAMAI SOLUTIONS BRIEF INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.

is dominated by these trends that characterize the state of all things Business depends on flawless digital experiences. This is true for the

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

MOBILE SECURITY 2017 SPOTLIGHT REPORT. Information Security PRESENTED BY. Group Partner

THE BUSINESS CASE FOR OUTSIDE-IN DATA CENTER SECURITY

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

STOPS CYBER ATTACKS BEFORE THEY STOP YOU. Prepare, recognize, and respond to today s attacks earlier with Verizon Security Solutions.

CLOUD-BASED DDOS PROTECTION FOR HOSTING PROVIDERS

THE UTILITY OF DNS TRAFFIC MANAGEMENT

SELLING YOUR ORGANIZATION ON APPLICATION SECURITY. Navigating a new era of cyberthreats

THE IMPACT OF MOBILE DEVICES ON INFORMATION SECURITY:

WHITEPAPER. How to secure your Post-perimeter world

RESELLER LOGO RADICALLY BETTER. DDoS PROTECTION. Radically more effective, radically more affordable solutions for small and medium enterprises

Data Protection. Plugging the gap. Gary Comiskey 26 February 2010

TREND REPORT. Ethernet, MPLS and SD-WAN: What Decision Makers Really Think

Securing Privileged Access and the SWIFT Customer Security Controls Framework (CSCF)

DDoS: Evolving Threats, Solutions FEATURING: Carlos Morales of Arbor Networks Offers New Strategies INTERVIEW TRANSCRIPT

Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape

LINEAR VIDEO DELIVERY FROM THE CLOUD. A New Paradigm for 24/7 Broadcasting WHITE PAPER

Automating the Top 20 CIS Critical Security Controls

Teradata and Protegrity High-Value Protection for High-Value Data

DDoS: STRATEGIES FOR DEALING WITH A GROWING THREAT

TRIPWIRE VIA PLATFORM PROTECTING YOUR DATA WITH INTEGRATED SECURITY CONTROLS

CLOSING IN FEDERAL ENDPOINT SECURITY

INSIDE. Integrated Security: Creating the Secure Enterprise. Symantec Enterprise Security

We b Ap p A t ac ks. U ser / Iden tity. P hysi ca l 11% Other (VPN, PoS,infra.)

Integrated Access Management Solutions. Access Televentures

Protecting Against Application DDoS A acks with BIG-IP ASM: A Three- Step Solution

DIGITAL TRUST Making digital work by making digital secure

Enabling the Always-On Enterprise

Arbor White Paper Keeping the Lights On

HEALTH CARE AND CYBER SECURITY:

The New Net, Edge Computing, and Services. Michael R. Nelson, Ph.D. Tech Strategy, Cloudflare May 2018

Transcription:

THE STATE OF MEDIA SECURITY HOW MEDIA COMPANIES ARE SECURING THEIR ONLINE PROPERTIES

TABLE OF CONTENTS 3 Introduction 4 Survey Findings 4 Recent Breaches Span a Broad Spectrum 4 Site Downtime and Enterprise Application Security Are the Greatest Concerns 5 Premium Content is Key to a Successful Video Strategy, But It Must be Protected 6 Media Companies Lag Behind Other Industries in Using Cloud Solutions to Defend Against DDoS Attacks 7 Defending Against Web Application Attacks with Cloud and On-Premise Firewalls 7 Dealing With Automated or Bot Traffic: 33% Are Still Manually Investigating 8 Media Organizations Are Not Completely Confident in Their Current Security Measures 9 Conclusion 2

INTRODUCTION For media companies, the over-the-top (OTT) content opportunity is larger than ever and is projected to continue its rapid growth in the coming years as more viewers are cutting the cord and consuming their TV over the Internet. These organizations have the opportunity to not only replace traditional TV, but to provide a better-than-tv experience through personalization and other online-based innovations. In order to take advantage of this tremendous opportunity, broadcasters and OTT providers need to deliver flawless, uninterrupted viewing experiences to each and every one of their viewers. A key part of delivering that viewer experience will be securing it; not only the content itself, but perhaps more importantly, your applications, sites, and data, as the amount of cyber-attacks continues to grow. A survey of almost 200 media technology influencers and decision-makers by BizTechInsights on behalf of Akamai Technologies reveals the most common types of attacks organizations are facing, the measures they are taking to protect against them, their biggest security concerns, and more. 3

SURVEY FINDINGS Recent Breaches Span a Broad Spectrum Security breaches that go beyond stealing premium content are a real and present danger for media organizations. Attacks are widespread and of different types. The four most frequent breaches in the survey were SQL injections (23%), DNS attacks (21%), content pirating (2), and DDoS (17%). These findings show that organizations must be prepared for a large variety of attacks. Breaches that go beyond stealing premium content are a real and present danger. Figure 1: Which security breach has your organization recently experienced? 3 23% 23% 21% 2 17% 15% 11% 8% 6% 2% SQL injection DNS attack Pirated content DDoS attack Account hacks Website defacement XXS attack (cross-site scripting) Site Downtime and Enterprise Application Security Are the Greatest Concerns It s no secret to media leaders that threats are multiplying across all vectors and growing in size. Reflecting the prevalence of security breaches in the preceding chart, 26% of respondents indicated that slow site performance or downtime due to DNS attacks are their number one concern, while another 17% chose DDoS mitigation and site/application protection. These findings are not surprising as viewers cannot consume your content if it is not available. The second highest area of concern was protecting premium video content (23%). Interestingly, enterprise applications was the third most common concern. Next in the survey was managing the business impact of bots (15%). 4

Figure 2: What are your biggest concerns when it comes to securing your online video business? 3 26% 23% 23% 2 15% 15% 13% 8% 4% DNS attacks Protecting premium video content Enterprise/ internal application security Managing the business and IT impact of bots DDoS mitigation Website and application protection Premium Content is Key to a Successful Video Strategy, But it Must be Protected For businesses to profitably provide premium video content, they should employ an ongoing process to protect it against unauthorized usage and distribution. In this endeavor, organizations face challenges in implementing technologies to assert control over access and usage. Encryption (34%) ranked as the top challenge, while preventing link sharing (25%) and digital rights management (24%) were second and third, respectively. Figure 3: When it comes to protecting your premium content, what are your organization s biggest challenges? 4 34% 3 2 25% 24% 13% 1 Encryption Preventing link sharing Digital rights management Securing communications with end viewers (TLS security) 2% 2% Managing geographic rights restrictions Watermarking 5

Media Companies Lag Behind Other Industries in Using Cloud Solutions to Defend Against DDoS Attacks Organizations are pursuing several technology strategies in order to protect against DDoS attacks -- a high priority as previously noted. The defensive measure most frequently cited was the use of a network firewall in the data center (31%). The use of a dedicated scrubber DDoS mitigation solution (26%) was a close second while utilizing an intrusion prevention system in the data center (17%) was the third most popular measure. Surprisingly, only 14% of respondents indicated they are using cloud-based CDN DDoS mitigation, a method that has been more widely adopted in other industries. Only 14% are using cloud-based CDN DDoS mitigation, which has been more widely adopted in other industries. Figure 4: Describe your organization s strategy around protecting your online video business from DDoS attacks. 4 3 31% 26% 2 17% 14% 12% 1 Network firewall in the data center Dedicated "scrubber" DDoS mitigation Intrusion prevention system in the data center Cloud-based CDN DDoS mitigation DDoS mitigation from my ISP 6

Defending Against Web Application Attacks with Cloud and On-Premise Firewalls The majority of survey respondents indicated they are using a cloud-based web application firewall and 36% of respondents indicated they use on-premise measures in addition to cloud-based protections. 28% of respondents indicated that they only rely on an on-premise web application firewall while 2 said that they only use cloud-based web application firewalls. Figure 5: Describe how your online video business protects against web application attacks. 36% 36% 27% 28% 2 18% 16% 9% Combination of on-premise and cloud-based web application firewall On-premise web application firewall Cloud-based web application firewall Regular application security audits and testing Dealing With Automated or Bot Traffic Non-human agents, or bots, make up a large percentage of today s Internet traffic. Some of these bots are beneficial to your business while others can cause serious damage. Some bots can exploit stolen credentials to circumvent subscriptions while others could scrape your sites to steal content and sensitive data. Because of this, organizations need to manage bots, not completely block them. Of survey respondents, 22% are using a purpose-built bot management solution while 33% are manually investigating logs to manage bots. 7

Figure 6: How do you address automated or bot traffic today? 5 45% 38% 33% 25% 22% 13% Existing security solution, like a WAF or firewall Manually investigate logs and block individual IP addresses Purposebuilt bot management solution 1% We don't do anything to address our automated or bot traffic today Media Organizations are Not Completely Confident in Their Current Security Measures Only 1% of survey respondents indicated they are very confident in their current security measures and over half seem to be on the fence about whether or not they are fully prepared to protect against today s threats. Another 3% indicated they are not very confident in their current security measures. A healthy dose of skepticism and always striving to improve security measures are necessary as cyberattacks become larger and more publicized. It seems that every month an attack makes global news, causing severe damage both to brands and consumers. Only 1% are very confident in their current security measures. 8

Figure 7: How confident are you that your organization's current security measures provide sufficient protection against today's web threats [Rate on a scale of 1-5; 1=not confident, 5=very confident]? 6 57% 45% 39% 3 15% 3% 2 3 4 5 1% CONCLUSION As the number and variety of cyber-attacks increase, media organizations need to take measures to protect their entire online business, not just their video streams. Survey respondents recently have suffered seven different types of security breaches, with SQL injections, DNS attacks, content pirating and DDoS attacks leading the way. Media companies appear to be aware of these threats and are taking steps to mitigate the risks they face. However, they are not yet confident the solutions they have put in place are sufficient to address the risks to their businesses -- only 1% of survey respondents indicated they were very confident in their current security measures. Such a gap indicates media companies will remain vulnerable to attackers until they employ strong security measures across their entire online ecosystem. For media companies, solving the security challenge means establishing processes, communications and programs, not merely deploying a single-point-in-time solution. Other industries have addressed security by establishing industry forums, education seminars and close links to governmental security agencies. Such measures enable industry players to be well informed about the latest security challenges and solutions, giving them confidence in the particular security solution they have chosen to deploy. A similar industry community and communication system is developing among media companies and likewise will help bring awareness and confidence. n 9

About Akamai As the world s largest and most trusted cloud delivery platform, Akamai makes it easier for its customers to provide the best and most secure digital experiences on any device, anytime, anywhere. Akamai s massively distributed platform is unparalleled in scale with over 200,000 servers across 130 countries, giving customers superior performance and threat protection. Akamai s portfolio of web and mobile performance, cloud security, enterprise access, and video delivery solutions are supported by exceptional customer service and 24/7 monitoring. To learn why the top financial institutions, e-commerce leaders, media & entertainment providers, and government organizations trust Akamai, please visit www.akamai. com, blogs.akamai.com, or @Akamai on Twitter. Copyright 2017 Akamai Technologies, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system or translated into any language in any form by any means without the written permission of Akamai Technologies, Inc. While every precaution has been taken in the preparation of this document, Akamai Technologies, Inc. assumes no responsibility for errors, omissions, or for damages resulting from the use of the information herein. The information in these documents is subject to change without notice. Akamai and the Akamai wave logo are registered trademarks or service marks in the United States (Reg. U.S. Pat. & Tm. Off). Akamai Intelligent Platform is a trademark in the United States. Products or corporate names may be trademarks or registered trademarks of other companies and are used only for explanation and to the owner s benefit, without intent to infringe. Published 12/17. Akamai and the Akamai wave logo are registered trademarks or service marks in the United States (Reg. U.S. Pat. & Tm. Off). 10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback