Production data is prized by cybercriminals. Intellectual property (IP) theft is fast becoming the goal for hackers, who are increasingly holding the IP of film and media companies hostage. Unfortunately, small production companies and post-production houses are not immune. They may be seen as an easy gateway to a bigger entity, as SMEs are less likely to have enterprise-level security, good security practices, or a dedicated IT team standing guard.
What’s the scale of the risk?
More than half of media and entertainment firms experienced three or more cyberattacksin 2018. Big name products, complex production processes, and prolific use of contractors and suppliers give cybercriminals more opportunities to attack. Worse still, a survey of global media brandsfound that a third of respondents aren’t confident that their supply chain would protect their assets.
Viruses, phishing attacks and data breaches are the three most common types of security incident amongst the entertainment industry. Astonishingly, despite the high number of attacks, the majority of firms surveyed said they were confident they could prevent one from happening. The bottom line for most small businesses is that a cyberattack or data breach can cost your business: both in lost revenue and reputationally. For SMEs working in the media and entertainment industry, the risks are heightened because the value of archived material is seen as so much higher.
How to make your archiving more secure
- Prevent attacks by:
- Regularly evaluating your vulnerabilities, and understanding any weaknesses in your supply chain
- Documenting and addressing cybersecurity before you start every project
- Train staff (including freelancers) on the latest best practices, including how to recognise phishing and how to maintain strong passwords
- Detect any suspicious activity by:
- Ensuring that all staff know what an attack may look like – and how to quickly report a breach
- Tracking all attempted attacks – whether or not they succeeded
- Preparing an incident response and data recovery plan, and making sure key staff know how to act on it
- Mitigate the ongoing risks by:
- Having an easy to access, plain English plan for handling data security incidents, covering identification and containment through to reporting and resolution (something we can help with, as small business IT specialists)
- Being clear and transparent with customers and your supply chain when an incident happens
- Hiring an IT provider that understands your business – and can quickly step in to implement your disaster recovery plans.
When it comes to securing your archive data, you don’t have to handle it alone. Often, with creative businesses that flex up and down in staff numbers to fit the next project, it just makes sense to have an external IT company taking care of all your tech – so you can get on with other things.
We’re familiar with industry compliance standards, and can help you deliver a robust disaster recovery plan, as well as doing things like remote monitoring to help detect risks before they become incidents. Contact us to find out more.