The recently published update to Cybersecurity Advisory EBU R 143 includes provisions specific to Software as a Service (SaaS) products. The move highlights the evolving cybersecurity threat landscape and increasing reliance on cloud-based services within the broadcast industry.
EBU R 143 is a set of guidelines developed by the EBU to assist audiovisual media organizations in protecting their digital assets and infrastructure from cyber threats. The recommendations were first released in 2016 and have been regularly updated to address emerging challenges and technologies in the cybersecurity field.
Adopting SaaS products
The inclusion of SaaS products in EBU R 143 reflects an established trend among broadcast organizations to leverage cloud-based solutions for a variety of operational needs. While SaaS platforms offer many benefits such as scalability, flexibility, and cost-effectiveness, they also create a shift in responsibility towards vendors in the areas of cybersecurity and data privacy.
The updated recommendations include an additional list of cybersecurity requirements for SaaS products, including strong access controls, data protection, security monitoring, and incident remediation. The Security Controls assertion file now also includes a section for SaaS solutions. The EBU recommends that broadcasters involved in tenders use this as a basis for setting minimum system acceptance levels during the purchasing process.
All EBU Cybersecurity Recommendations emphasize the importance of cooperation and information sharing between broadcasting organizations, industry players and cybersecurity experts. By exchanging insights, best practices, and threat intelligence, the broadcast community can collectively increase resilience to cyber threats and protect the integrity of media content and services.
