Multi-technology security is integral to combating new threats

Encompass recently delivered a complex global services project in support of DAZN’s coverage of the FIFA Club World Cup 2025

The migration to IP and new approaches to production and distribution have yielded a new generation of technologies aimed at protecting valuable content – which is just as well as the range of threats continues to expand.

The impression that we have moved into a significantly more hostile cyber environment is seemingly underlined by an increasingly broad – and numerous – range of cyber attacks. Indeed, September 2025 reportedly saw a “surge” in cyber incidents worldwide, covering sectors as diverse as retail, automotive and financial services. In broadcast and media, too, there is a perception that the shift to IP and new approaches to production and distribution have introduced a new element of risk, so to what extent is this concern borne out by reality?

 Kier Shepherd is chief solutions officer for Encompass, a global managed services company focused on supporting broadcasters, television networks, sports leagues and OTT platforms. The company’s clients include DAZN, for which it recently delivered a complex global services project in support of the sports entertainment platform’s coverage of the FIFA Club World Cup 2025.

 “I think everybody who’s contributing or distributing over the public internet, not necessarily just IP, has been introduced to new security vulnerabilities,” he says. “Before this we were probably living in a world where there was a reliance on the air-gapping of dedicated networks or satellite distribution, so there was less concern about such issues. What’s really happened as we’ve moved primarily to public internet distribution is that there has been a need to rethink all of those lessons that typical software businesses and companies delivering their applications online have had to deal with for a long time.”

Meanwhile, Alain Durand, senior director of business development at video technology company Synamedia, confirms the growing importance of sports to the plans of illegitimate operators. “Premium sports content is increasingly targeted by pirates as it remains a major driver of subscriptions. Pirate networks have effectively become the main competitors of legitimate service providers,” he says, adding that for OTT services “recent DRM vulnerabilities have enabled pirates to go beyond simply stealing and redistributing content. They are now using service providers’ own CDNs to distribute pirate streams – AKA CDN leeching.”

“Two things are going on at the same time,” observes Michelle Munson, CEO of Eluvio, whose Content Fabric provides a platform for content distribution and monetisation. “One, of course, is that the interest in disrupting content services is at an all-time high. But on the other side, the innovation to combat them has also advanced tremendously, and continues to do so.”

With a complex roll-call of threats ranging from DDoS (distributed denial-of-service) attacks – whereby there is an attempt to disrupt a server or network by overwhelming it with traffic – to ransomware, it’s not surprising that there is a universal emphasis on media companies implementing multi-faceted security technologies and practices to minimise the risk of content being compromised.

“To minimise the threats, broadcasters and service providers need a combination of active protection measures (Central Authentication Service [CAS] and Digital Rights Management [DRM]) and forensic tools including watermarking, CDN leeching disruption and monitoring,” says Durand, adding that Synamedia’s server-side content watermarking product, Content Armor, is fully integrated into live workflows and “enables the disruption of pirate sessions within minutes, directly at the CDN level”.

For Munson, ensuring content security is “foundational to do what we do with the Eluvio Content Fabric. So the first and most important idea is that it’s truly end-to-end from the source media to the eyeball. Then when you get into the details of the Fabric, as a protocol it provides encryption, both of the content controlled by the owner and also with ‘trustless existence’ in the Fabric and re-encryption; that trustlessness allows the Fabric to scale for many tenants and also allows the content to be self-protecting.

Michelle Munson, Eluvio

“Thirdly, the authorisation and rights to content are built into the Fabric protocol, which means that all of the granular session level enforcement is actually part of a policy. This gives two enormous benefits: one is that it’s very specific to a given viewer session, and the other is when it’s updated it applies globally to all of the media in the network – without having to republish or provide any kind of redistribution. Fourthly, we have built strong DRM into our encryption pipeline, which includes all major DRM variants, and that is combined with the studio-grade requirements in premium content so that the version of DRM selected is dynamically tied to the content that’s being served.”

“Premium sports content is increasingly targeted by pirates as it remains a major driver of subscriptions. Pirate networks have effectively become the main competitors of legitimate service providers”

For Encompass’ clients, Shepherd says there are three main aspects that they would tend to focus on. “The first is end-to-end encryption, which is ultimately the best defence and involves ensuring usually key-based encryption with no client-ending devices. That means we can guarantee there is no interruption of the signal from when it leaves us to when it arrives, or when it leaves the production to when it arrives with us. We’re talking here about something like AES encryption with SSL cryptography.”

The second element is the adoption of a “zero-trust stance, by which I mean don’t assume that the person you’re connecting to or receiving a connection from is who you think they are. That means you always need to be verifying, typically through multi-factor authentication.”

Finally, an increasingly complex – and fast-changing – threat environment calls for the adoption of a resilience and disaster recovery strategy. This tends to involve geographical diversity, such as having two separate cloud locations or data centres. “For instance, that’s going to protect you from denial-of-service attacks and other interruptions when you have that complete segregation with the service,” says Shepherd.

“As streaming tools become more accessible, any live content can become a target, making scalable, automated protection essential”

Evan Statton, VP of business development at live video over IP specialist Zixi, recommends that broadcasters and rights holders should “encrypt their content and tightly manage access. They should follow the principle of least privilege (PoLP) which dictates that each user or applications should have as little access as necessary to perform their role or function. This minimises potential attack surfaces. Additionally, customers can use techniques such as content watermarking to detect where piracy may be taking place so that they can quickly identify and shut down any exposure. Finally, systems should not be placed on the public internet. Critical broadcast systems should be behind firewalls and only accessible via VPN or private connection to avoid providing an attack vector.”

He also urges the encouragement of good practice on the part of broadcast system users –“make sure any passwords are changed frequently and teams are trained on preventing phishing attacks” – and the integration of SaaS deployments with SSO systems to maintain a “consistent security posture. Do not let your guard down internally! Even air-gapped networks have been compromised through management interfaces and corrupt USB drives,” he says. “Even private circuits can have traffic sniffed or spoofed, so always encrypt your data, even over private links. Finally, make sure to stay up to date with security patching to limit exposure.”

Inherent in its nature is that security remains a moving target. Invited to nominate the emerging issues that should be of greatest concern to sports broadcasters and rights holders, Durand responds: “Client-side watermarking has become less effective due to CDN leeching and advanced hardware capabilities in broadcast, which enable pirates to automate collusion attacks – making watermark extraction longer and more difficult. Also piracy is moving downstream, affecting not only premium sports but also niche and regional events. As streaming tools become more accessible, any live content can become a target, making scalable, automated protection essential.”

Statton agrees that the “attack landscape” is continuing to evolve, noting that generative AI now enables “highly convincing phishing and spoofed traffic, increasing both volume and sophistication of attacks. Broadcasters should maintain best practices for security posture and stay aware of critical security vulnerabilities by keeping up with trusted sources such as the Common Vulnerabilities and Exposures group. Looking ahead, advances in quantum computing will challenge existing cryptographic standards, driving the need for next-generation encryption.”