51% of media firms attacked over three times a year- Hiscox

The Hiscox study was conducted in collaboration with Forrester Consulting, who conducted it.

It has been speculated by experts that the media and entertainment industry has a unique vulnerability in regards to cyber attacks, contributed partly by the involvement of high-profile products and people, in addition to complex production processes.

>Read more on the top 10 cyber vulnerabilities, and what to do about them

Commissioners Hiscox’s analysis declared that there was a lack of transparency when it comes to cyber security within the industry, with 19% of participants saying that they did not know whether their vendors had been hacked.

An overestimation of cyber security was also discovered, with 79% expressing confidence in their strategy despite a reportedly high rate of attacks over the 12-month period.

As for the types of cyber attacks involved, viruses (36%) came out on top as the most common, followed by phishing schemes (29%) and data breaches (28%).

>Read more on the when, where and how of consumer entertainment and technology today

Additionally, 49% of media and entertainment professionals surveyed stated that they were either not insured or not covered for cyber incidents under their existing insurance.

It was not all doom and gloom in regards to the survey results, however; 64% of respondents stated that they expect to increase their investment in cyber security measures.

In regards to a solution to cyber attacks for the media and entertainment industry, Hiscox recommended a three-pronged approach of:

  • Prevention: Being aware of vulnerabilities, being aware of the vulnerabilities of partners and vendors, addressing cyber prevention in every project, and making sure that staff are well trained in all kinds of cyber security.
  • Detection: Ensuring that employees know how to recognise and report an intrusion, tracking all attempted intrusions, and preparing to strengthen strategies when needed.
  • Mitigation: Having a plan for all incidents, from detection and containment to notification and assessment, observing transparency when an incident occurs, both internally and with vendors and partners, and insuring against financial risks with a stand-alone cyber policy.



Avatar photo

Aaron Hurst

Aaron Hurst is Information Age's senior reporter, providing news and features around the hottest trends across the tech industry.