Industry Talk

Regular Industry Development Updates, Opinions and Talking Points relating to Manufacturing, the Supply Chain and Logistics.

Guardian staff data leak is a lesson to the media industry

The ongoing fallout from the recent ransomware attack on The Guardian shines an already bright light on the media industry’s cybersecurity challenges. Distributed and fragmented technology ecosystems have developed as a result of the ever changing media consumer landscape.

The media industry is sometimes targeted because of the influence it holds. Media companies get a high volume of traffic and are trusted by their audiences. This puts extra pressure on the shoulders of media companies, especially news organizations. The domino effect is in full force: Thomson Reuters, The New York Post, Fast Company, and now The Guardian, among countless previously reported breaches.

The industry should be put on even higher alert following the ransomware attack on The Guardian, which resulted in an internal network compromise that led to severed access to corporate services. The company has announced that personal details of UK staff members were accessed by the attackers. This development is concerning, because it exposes employees to further security risks from spear phishing campaigns or impersonation.

Generally speaking, large media organizations have structured cybersecurity programs in place, but as companies’ digital estates become well defended, malicious actors turn their attention to the supply chain, opening up a whole new attack surface.

BlueVoyant’s recent research revealed material security findings across the media industry’s vendor ecosystem, confirming that the media industry faces significant cybersecurity challenges. Continuous monitoring and a critical risk reduction remediation strategy remains paramount. Threat actors are only getting faster in exploitation of known vulnerabilities and other security weaknesses. Ensuring an air-tight security posture is growing more important than ever to prevent loss of content and operational disruption.