The media industry is firmly set on a path to an IP-connected future. Major live events are now routinely covered through remote production, with sources and data delivered over open circuits to the broadcast center rather than being managed on site. This trend will certainly continue, so it’s therefore critical that live production workflows are designed with security and resilience in mind.
IP Adoption
As with any new technology, adoption grows in phases. At first, it’s experimental, with every set-up carefully crafted. Then it moves to a proof-of-concept phase: standards emerge that help make the infrastructure more routine. Finally, it becomes routine, and engineers pull the standardized modules, both hardware and software, that they need for the job in hand, and economies of scale give it a commercial imperative.
This path can be plotted as two lines on a graph. First is the amount of technical effort needed to establish, maintain, and operate the network. This should fall as experience and technology grow, making for simple, standardized implementations.
The second may be a little less obvious. This time it is a line that rises over time. As more productions opt for IP-connected remote working, the demand for facilities and bandwidth grows. More ambitious production standards, more cameras on site, and more return feeds, make the demand for bandwidth grow even faster.
Estimates vary, but it is certain that more than 80% of internet bandwidth is taken up by video. Of course, much of this is content delivery, from TikTok to Netflix. However, what we might call professional video transfer, such as live production, is taking an increasing share.
Managing Cyber Threats
As well as leading to congestion, the growth in the use of the internet for the transport of video also attracts the attention of those with malicious intentions. Whether for political reasons or simply for financial gain, there are many people who seek to profit or make a name for themselves through cyber-crime. And while interrupting a feed from a streaming service might upset customers, if a live production feed is interrupted, this can have much bigger ramifications.
Imagine sitting in master control in the seconds before the Olympic 100 meters final, and suddenly every monitor shows a demand for large numbers of Bitcoin. Not a good situation!
The World Economic Forum now publishes an annual Global Cybersecurity Outlook. Its 2024 report found that among its surveyed organizations, minimum viable cyber resilience was down 30%. In 2025, 35% of small organizations believe that their cyber resilience is inadequate. Media enterprises, many of which are classed as SMEs, must act.
Building Secure and Scalable Live Production Workflows
Not all transport protocols meet the demands of the live production environment equally, which is why RIST (Reliable Internet Stream Transport) that aligns with emerging industry needs, is gaining traction. It’s flexible, readily established, and supports the key professional technical standards like SMPTE ST2110, as well as JPEG-XS, AV1, H.264, and many more.
Security is baked in, with streams protected with AES encryption and advanced authentication options like DTLS. The protection is so good, it’s tempting to take the view “it’s RIST so we don’t need to worry”, however, it’s important not to be complacent because this inevitably leads to security holes.
Every time a network is created, engineers need to consider security at every single point. Just because a stream leaves the source encrypted and arrives at the destination encrypted, that does not mean there is no risk on the way. It’s important to consider whether there are any points in the network where the signal needs to be decrypted?
Why? Is it for routing or distribution? How are those nodes protected? Are those devices completely secure or do they have back doors? Do they need to phone home for licenses and how do they store passwords and routing data?
RIST has a very useful routine called rist2rist, which is great for building distribution services. It takes in a stream and sends it to multiple qualified destinations. Most important, rist2rist does not need to decrypt the stream to achieve this, so you can host the node anywhere you like, including in the cloud, with a high degree of confidence.
As the pressure grows for more and more services, the need for staff also grows, as does the pressure on those operators. Human factors are well known to have huge potential to bring down even the best systems. In the old days, a broadcaster’s infrastructure was contained in a machine room, in the center of the building, protected by multiple layers of access control. You must think the same way about virtual infrastructures. Single sign-on systems must be applied rigorously, allowing access only to the parts of the system required and the times when it is needed. Giving too much freedom simply increases the chances of operator error causing disaster.
Importance of Securing Every Element of IP Production
So far, I have talked about video as the essence of IP infrastructures. It is so obviously important that it is tempting to neglect everything else that production requires. But you can’t make a live production without intercom, text and document transfers. It is important to recognize that they should be protected in the same way as video and audio.
It's easy to imagine, in the set-up phase of a production, an engineer at a remote site asking for an IP address. If the central engineer sends this in the clear, then anyone with minimal hacking skills could read it, and a bad actor could very quickly take down your whole network. It is vitally important to wrap text and intercom into the same high-resilience, end-to-end encryption.
The future for IP production is extremely positive, delivering high performance at low cost and with agile set-ups. But as it grows, we must build new working practices that adopt zero-trust architectures and tight access control. RIST is ideally placed to be the cornerstone, but for an IP future where live video is consistently delivered reliably and securely, an all-embracing approach to security is critical.
