Has the media sector adapted in response to the Crowdstrike disruption?
In the ever-evolving digital landscape, the media industry has been proactively implementing measures to bolster its cybersecurity defences and prevent large-scale IT outages, following high-profile incidents such as the one experienced by Crowdstrike in 2024.
The media industry's response has been multifaceted, with a focus on adopting Zero Trust Architecture, Multi-Factor Authentication (MFA), Automated Patch Management, AI and Machine Learning Integration, and Secure-by-Design Principles.
Zero Trust models, which assume all users and devices are potential threats, are becoming increasingly popular. Implementing "deny-by-default" policies can help block unauthorized access, while enhancements in MFA ensure secure login processes against sophisticated phishing attacks. Automated patching reduces the window of vulnerability, and AI is being integrated into cybersecurity to enhance threat detection and response.
Secure-by-design development practices are also being adopted, with security considerations integrated at the initial stages of software development. Real-time alerts for policy violations and security breaches allow for swift action and minimise the impact of potential attacks.
In terms of disaster recovery, diversity is key. This might mean having an elastically scalable cloud production service ready to go as a backup plan. The Crowdstrike outage in 2024 highlighted the importance of building diversity into Disaster Recovery (DR) plans, with media organisations now focusing on strategies that combine prevention and resilience methods more widely.
Regular security audits, staff training, and incident response planning are other essential measures being implemented. Conducting regular audits helps identify vulnerabilities and address them proactively, while staff training educates employees about cybersecurity best practices. Incident response planning ensures a quick response to and containment of security incidents.
Despite these efforts, there is still a gulf between customers and vendors when it comes to the security of modern media technology tools. Media figures are being asked if the industry has taken sufficient steps to prevent similar disruptions since the outage.
One positive outcome of the 2024 outage is the increased focus on cybersecurity. Companies like Microsoft are announcing new features to improve security, such as endpoint protection APIs that enable execution in user space to reduce harm.
In conclusion, the media industry is learning from past outages and adapting to the ever-changing threat landscape. While it may be impossible to anticipate all possible scenarios, strategies such as AI-based monitoring, zero-trust models, dynamic policy management, and more rigorous update testing are being implemented to enhance cybersecurity across various sectors.
- To further strengthen its cybersecurity, the media industry is also considering cloud production solutions that offer elastic scalability as a resilience measure, learning from the Crowdstrike outage in 2024.
- In addition to implementing Zero Trust Architecture, Multi-Factor Authentication, Automated Patch Management, and Secure-by-Design principles, the media industry is also leveraging technology advancements in AI to improve cybersecurity threat detection and response.
