Changes in audiovisual consumption can open up a wide range of new security threats.
Whether you're a D2C operator or a traditional pay-TV provider looking to launch your own OTT service, there's a very important question to ask yourself: how can I make sure my content is protected in today's hyper-connected world?
Contrary to popular belief, simply using multiple DRM is no longer enough, so the industry is moving further to address known and emerging security threats.
The reason for this change is that the pay-TV industry is changing rapidly. The growing number of enabled devices, such as tablets, phones, and connected TVs, are part of consumers' everyday lives and are fundamentally altering how and where they see content they love.
As a result, subscription streaming services are increasingly becoming the consumption method of choice. According to Digital TV Research, global SVOD subscriptions are now expected to increase to 1.161 billion in 2025 and increase by 170 million in 2020 alone due to COVID-19.
As these OTT and D2C services grow in popularity, service providers are moving away from the traditional peer-to-peer operator and set-top box relationship, which can open up a wide range of new security threats. Such threats exist along the value chain and create a much more complex ecosystem that requires a more sophisticated approach to protecting the vulnerabilities that hackers are trying to exploit.
Regular and targeted hacking attacks not only have an immediate effect through stolen content, but also impact revenue as subscribers abandon for illegal pirated services. It is virtually impossible for pay-TV operators to compete with free or significantly cheaper pirated services. This is why successful operators are recognizing these hacking threats and are creating a comprehensive security strategy that goes beyond simple multiple DRM.
While Multi-DRM provides a basic level of protection for OTT streaming services, it should be considered as a baseline from which to build. It addresses the threat to content security, but the service side, which has a considerably larger footprint in today's streaming world than in a traditional streaming environment, is still vulnerable, so addressing this is just as important as protecting the content itself.
In addition, as content owners begin to demand the use of certain tools, such as watermarking, to ensure their content is secure before licensing, investing in a service protection strategy becomes even more important for the future of service providers.
OTT and D2C providers must work within this complex environment, protecting content, services, consumers, and content delivery. That's why having a comprehensive, adaptable, and scalable set of solutions should be part of a comprehensive security strategy. The best approach is active streaming protection that protects both content and service and is easily adaptable, can scale to meet business requirements and keep pace with ever-evolving security demands.
For example, with active stream protection and taking multiple DRM as a baseline, vendors can incorporate a watermark solution to protect the content itself, while using a centralized security platform to ensure a full set of capabilities across broadcast and IP networks that can be protected against other threats such as credential exchange.
To further protect the service, operators could also integrate anti-piracy services to identify leaks and take steps to mitigate the risk of loss, such as deletions and warning messages to the end device. And, to ensure the best business decisions are made, data and analytics tools can be added to effectively inform business stakeholders at the executive and operational level to ensure the entire organization is strong and protected.
Beyond traditional content protection, businesses also need to be aware of the risks that arise with increased virtualization and the impact it has on the broader IT infrastructure. Pirates are working to attack the weakest point of any network and, for many providers, that is the home of their subscribers. Having a service protection strategy in place not only protects content, but sees the broader cyber threat as helping to protect the entire organization.
While Multi-DRM served traditional broadcasters well for many years, it now needs a range of additional technologies to function as part of a comprehensive security strategy to protect both content and the entire service.
Creating a comprehensive strategy can take time and investment, however, not doing so could leave your business, content, and customers at risk of hacking and cybersecurity attacks. Operators should use this time now to effectively assess and analyze their security strategy and work to build a safe and secure streaming environment.
*Tim Pearson is Senior Director of Product Marketing at Nagra.