Skip to main content

DPP, NABA Define Supplier Cybersecurity Requirements

AMSTERDAM—The Digital Production Partnership and the North American Broadcasters Association have published a joint document, “Broadcaster Cyber Security Requirements for Suppliers,” to assist manufacturers and suppliers in developing products aligning to modern cyber security standards, that are fit for integration into broadcaster facilities. The recommendations will be adopted by major U.K. broadcasters, the pair said.

The announcement of the recommendations was hosted by Ericsson, a member of the DPP.

The organizations said that broadcasters are now facing daily cyber assaults on their websites, IT infrastructure and systems. With this growing threat, they said, U.K. and U.S. broadcasters have united to introduce a set of best practice requirements covering documentation and testing, authentication and security controls.

The Broadcaster Cyber Security Requirements for Suppliers is the latest in a new series of DPP publications focusing on Cyber Security. This includes the 10 Things You Need to Know About Cyber Securityguide, and the DPP’s recently released Supplier Security Checklist and supporting User Guide. All publications are available to download from the DPP website.

“Protecting the viewer’s experience, and the veracity of our output is the number one concern today,” said DPP chair and director of Broadcast Operations at ITV, Helen Stevens. “The growth in connected services and IP-driven production, as well as cloud platforms and applications, means that, as a modern broadcaster, our focus has to be on protecting our content from increasingly frequent cyber attacks.”

The requirements were developed by the NABA Cyber Security group and supplemented by the DPP’s Cyber Security work stream (which includes representatives from BBC, BT Sport, Channel 4, Ericsson, Five, Sky and UKTV).

“Cyber security is now one of the top strategic priorities for North American broadcasters,” said Michael McEwen, director general at NABA. “We will never protect ourselves fully from attacks, but we need to mitigate their impact. As we define our information security requirements for the future, we expect suppliers to be our partners. In fact, we need their ideas and expertise in finding solutions that work.”

Steve Plunkett, head of Technology, Broadcast and Media Services at Ericsson said: “Media companies need confidence in the whole broadcast chain. That confidence is built upon trust in robust and resilient service design and testing—in all stages from program development to the point of transmission. The NABA/DPP requirements will help vendors explore whether their products really are secure by design, and can hold up against modern cyber criminals.”