The report also takes a deep dive into the most common types of attacks media organizations' over-the-top (OTT) properties are facing, the measures currently in place to combat those attacks, top security challenges and concerns, and how they are addressing the management of bots – which can account for up to 60 percent of website traffic according to
- Top security concerns go beyond protecting content. While premium video content protection ranked high among respondents' top concern when it comes to securing their online video business (23 percent), the most-cited concern was slow performance or downtime due to DNS attacks (26 percent). Other areas of high importance included DDoS mitigation (13 percent), managing the impact of bot traffic (15 percent), and enterprise application security (20 percent). As the media threat landscape continues to shift, so too are priorities for protecting their OTT businesses.
- Attack vectors span a broad spectrum. When asked which type of security breaches their organization has recently experienced, the top responses were SQL injections (23 percent), DNS attacks (21 percent), pirated content (20 percent) and distributed denial of services (DDoS) attacks (17 percent). Other attacks reported included account hacks, website defacement and cross-site scripting. Media entities are increasingly facing a broad spectrum of attacks that go beyond content piracy and present a real danger to the business.
- DDoS defenses lag behind other industries. Respondents reported employing a broad range of technologies for addressing DDoS attacks, including a network firewall in the data center (31 percent), a dedicated DDoS mitigation "scrubber" (26 percent), data center-based intrusion prevention system (17 percent) and ISP-based DDoS mitigation (11 percent). Most surprisingly, only 14 percent of media organizations report using cloud-based content delivery network (CDN) DDoS mitigation – a measure that has become widely adopted in other industries.
- Inadequate bot traffic management measures persist. A surprising one-third (33 percent) of survey respondents reported that they employ a manual process of investigating logs and blocking individual IP addresses to address bot traffic, while 45 percent of respondents leverage an existing firewall, and one percent don't do anything at all. Only one in five respondents (22 percent) leverage a purpose-built bot management solution, revealing widespread risk of bot-based threats like credential exploitation to circumvent attacks or steal content.
- Substantial web application defenses employed – but room for improvement exists. An overwhelming 84 percent of media organizations report using a web application firewall (WAF) -- either cloud-based, on-premises or a combination of the two -- to defend against web application attacks. Sixteen percent rely on application security audits and testing alone.
"Media companies are online businesses, operating websites and maintaining a wide variety of proprietary and sensitive information. They need to broaden their perspective on security and look closely at approaches like zero trust architectures and protecting enterprise applications to secure their content along with everything around it," said
To learn more about how
To download "The State of Media Security," please visit: http://bit.ly/2Cf5tdp.
As the world's largest and most trusted cloud delivery platform,
Chris Nicholson Tom Barth
Media Relations Investor Relations
View original content with multimedia:http://www.prnewswire.com/news-releases/media-organizations-security-practices-threats--concerns-examined-in-new-akamai-research-report-300623914.html