Content is a Commodity Hackers Want to Steal: Here’s What Publishers Can Do About It

By Love Hudson and Leslie Laredo

The American Wild West…we would never compare or believe this non-tech era could be similar to the digital era in which we now live. But the American Wild West and the digital era actually have many similarities. The Wild West was a time of pioneers exploring new lands, prospectors introducing inventions, laws loosely defined to defend against outlaws and of course, bank robbers who targeted vulnerable gold deposits and cash and gunslingers seeking others’ valuables. Today, there is just as much exploration of the digital frontier, start-ups are driving innovation, privacy laws are still being defined and enacted and digital gunslingers (hackers) are exploiting the vulnerable and stealing valuable data.

If data and content are king, hackers are in hot pursuit of it. As a result, publishers are at risk. In recent years, a myriad publishing and entertainment giants have suffered significant data hacks, including Lions Gate Entertainment, Sony, the New York Times, Bloomberg and even the anti-adblocking firm PageFair and the exposure of 501 of their publishers to malware attacks. If Sony hack a few years back had been made into a western-style movie, it could have been called The Great Digital Heist as hackers exposed 47,000 social security numbers, high-level emails between executives, and spoilers for upcoming releases. HBO suffered major blows when its servers were hacked, and several Game of Thrones leaks infiltrated the web. Smaller publishers are not immune: a staggering 43% of all data hacks are against small businesses. Content, whether from a large publisher or a smaller player, is valuable.

Publishers, and their marketing partners, invest heavily in unique content that defines a media brand’s offering and use data to define and develop algorithms to uniquely target audience segments. The threat of losing this protected content, the hard-sought brand identity, and defined audience attributes is not insignificant.

Beyond just the loss of intellectual property and, of course, reputation with advertisers, marketing partners as well as users, subscribers and visitors, data hacks will cost publishers significant amounts of money, time, and manpower. After all, publishers hold the keys to incredibly sensitive, and in-demand, 1st party data and internal information such as private salary information, confidential emails, valuable content assets, defined audience qualities and much more that can disrupt publishers’ efforts and derail major investments planned by their partners.

The ramifications from these kinds of data hacks create not just bad publicity, but lead to a lack of trust with advertisers and marketing partners and will require significant costs to remediate, occupy the manpower of a mitigation team, lead to a diversion of active resources, create human resources and talent issues, increase insurance fees, and, of course, demand the involvement of legal teams and resources.

From vulnerable firewalls to a well-meaning employee who clicks on a link to malware, the potential for a major data hack haunts companies of all sizes and across all verticals. Given the myriad headline-making data hacks impacting publishers of all content and of all sizes, publishers are presented with a do or die choice, adapt and protect data now…or pay the price later.

As technology becomes more evolved, the tricks external and internal hackers use is continuously evolving. It is not enough to rely on firewalls alone; though there may be no sure-fire way to protect against the possibility of a hack and the ensuing fallout. Publishers have a responsibility to take all foreseeable precautions and get into full compliance with current regulations and cybersecurity best practices. A disgruntled social media manager was convicted to 25 years in prison for using his hacking skills to share the username and password to access the L.A. Times servers in an hacker’s chat room. Teams must be fully trained and every employee working with company data, in any capacity, must buy-in to the importance of safeguarding it through vigilance and best practices.

To get teams up to speed, and to ensure best practices are properly identified and implemented, it is crucial to secure an outside perspective. The cyber security landscape is constantly changing, and though organizations of all sizes often have homegrown cybersecurity solutions, the sheer number of hacks at major publishers across the globe demonstrates that these homegrown solutions are simply not enough. In-house IT teams are not cybersecurity specialists and it would be impossible to expect the same team that specializes in keeping the network up and running on a daily basis would also be able to devise the level of security needed to prevent advanced cyberattacks.

Publishers must consider bringing in experts that specialize in this level of cybersecurity and fully understand the cybersecurity landscape along with the data needs of their organizations. These experts can help publishers best navigate the complexity of data privacy laws together with the evaluation of available and appropriate tools to use. Part of mitigating cyber risk incudes training the publisher’s team to identify behaviors and actions that amplify risk factors, help locate problem areas, and teach employees how to uphold any and all regulatory compliances that are essential in preventing attacks and safeguarding vital content and data.

Data and content can’t be secured without a thorough understanding of where vulnerabilities lie. Publishers must proactively protect their valuable content and data. A first step is a discovery process and audit of the publisher’s data assets to find potential threats. The next step is to develop a response plan with detailed procedures for in-house tech teams to implement. Proper training is a must for employees at all levels to learn how to prevent data hacks and for the tech teams to maintain best practices.

Just as the robbers and gunslingers once plagued the American Wild West in the 1800’s finally came to a halt thanks to a series of clever tricks and safeguards such as exploding dye packs, digital gatekeepers can strategize and implement advanced technology and practices that go far beyond just catching thieves by actually stopping them in their tracks.

To help calculate the risk, MarDat and Laredo Group created a PDF with 30 questions that need to be addressed by publishing executives. The questions cover all the topics that should be evaluated to determine if any next steps need to be taken. The Cybersecurity Risk Assessment Questionnaire can be found at https://mardatadvisors.com/risk/

Love Hudson, President and Founder, MarDat a global consultancy on marketing technology, can be reached at love@mardatadvisors.com.

Leslie Laredo, President and Founder, Laredo Group, a global media training provider can be reached at leslie@laredogroup.com.