CDSA

NAB 2019: SHIFT Details ‘Mundane’ Content Threats; IBM Secures a Partner

LAS VEGAS — Alex Nauda, CTO for video collaboration firm SHIFT and Screeners.com, sees the big hacks and malware infections getting all the attention when it comes to the content security space today. So he used his time at the April 7 Cybersecurity & Content Protection Summit at the NAB Show to talk about the more mundane problems out there.

“The challenge is that potentially dangerous activity — such as sharing one user login among multiple people — can often masquerade as normal authorized use,” he said, sharing three threats that can have just as much impact on your intellectual property has any hack out there.

These less-sophisticated patterns of misuse can cause just as many problems, with damage to media properties, clean-up costs, and more. One such problem— which SHIFT refers to as the

“The Lover” — sees an unauthorized person gaining access to pre-release content via authorized distribution. A publicist sends a film reviewer a legitimate screener, but that reviewer then shares the content with someone close to them, who then proceeds to download or share it elsewhere.

Another “mundane” threat is “The Stale iPad,” where a device that’s still logged in, thanks to saved passwords, is accessible by someone who is not the authorized user. They get the content, have no loyalty to the content owner, and are then capable of causing untold amounts of damage.

Lastly, there’s the “You’ve got pwned” threat, where an unauthorized user compromises the email account of an authorized user. That one may be the most problematic, Nauda said, because biometrics might be the only way to fully prevent that unauthorized access.

“Bad password practices among our users remain a big problem, so we’re eliminating passwords from our login processes everywhere we can,” he said. “Where we can’t, we’re limiting them as much as possible. Educating large groups of external users on multi step login flows is difficult, so we make our authentication as easy to use as we can, and provide good support for those users who get stuck.”

Later at the event, IBM Security’s Michael Klint Borozan shared how it helped the Weather Channel deploy a security program that aimed to establish Internal trust for its employees, the company’s executives, and external (or “digital trust”) for its customers and business partners, in the presentation “How the Weather Channel Built Digital Trust.”

By modernizing security frameworks and controls, responding to a global security skills shortage, addressing increasing cyberattack vectors (including IoT), and securing the company’s journey to cloud and digital transformation, IBM Security was able to help the Weather Company address nearly every aspect of cybersecurity.

“One of the most powerful things we’ve come to understand is that every client is on their own unique security journey,” he said. “Though every clients journey is different, some are putting the final touches on their maturity program, while some are just getting started, one thing is common… they all want to improve their security program.

“Mission accomplished does not exist in the space, and frankly it never will.”

Co-produced by the NAB Show and the Content Delivery & Security Association (CDSA), the Content Protection & Cybersecurity Summit was presented by SafeStream by SHIFT, Akamai, IBM Security, Microsoft Azure, Convergent Risks, the Digital Watermarking Alliance, the Trusted Partner Network, and produced by the Media & Entertainment Services Alliance (MESA) and the Content Delivery & Security Association (CDSA), in cooperation with the NAB Show.