Skip to content
Tiatra, LLCTiatra, LLC
Tiatra, LLC
Information Technology Solutions for Washington, DC Government Agencies
  • Home
  • About Us
  • Services
    • IT Engineering and Support
    • Software Development
    • Information Assurance and Testing
    • Project and Program Management
  • Clients & Partners
  • Careers
  • News
  • Contact
 
  • Home
  • About Us
  • Services
    • IT Engineering and Support
    • Software Development
    • Information Assurance and Testing
    • Project and Program Management
  • Clients & Partners
  • Careers
  • News
  • Contact

Protecting content in the digital age: Navigating the evolving threat landscape in media publishing

In today’s digital landscape, safeguarding sensitive information has become a top priority, especially for media publishing companies where the protection of data and intellectual property is crucial. In this exclusive interview, we sit down with Anoop Kumar, Head of Information Security Governance Risk and Compliance at GulfNews, Al Nisr Publishing, to discuss the evolving challenges of cybersecurity in the media industry. Anoop shares insights on the latest threats, strategies for protecting content and user data, and how the company is navigating the complexities of information security in an era of constant digital transformation.

Q. Let us know more about you and your role within Gulfnews,  Al Nisr Publishing?

A. I have been working at Al Nisr Publishing for the past 27 years, carried many roles in the entire IT domain and specialized in Information Security, Governance, Risk, Compliance, Project Management, Change Management, Audits and DR & BCP practices. During this tenure, defined all information Security and Governance policies, procedures and guidelines and educated all involved parties on the same. Helped organization in not only protecting information assets but also bringing in GRC practices to reduce operational cost, risk and improve performance. Cybersecurity GRC by design concept implemented and embraced the users and all stakeholders to practice it.

Q. What cyber threats can a media publishing company face?

A. Digital news engagement is outpacing traditional print media, and this transformation is opening more doors for cyber attackers to deliver disinformation, steal subscriber data, and disrupt operations. Moreover, reputational-damage threats and geo-political-based attacks are increasing too. The media publishing industry does not have mandatory regulatory compliance and a sophisticated elevated threat landscape, and is a comparatively less cyber mature industry, yet faces the same external threat level as other industry verticals. This makes the media publishing industry an easier target for attackers. During the production and distribution phases, many people and technologies interact with the content, not all of whom are internal to the media organization. As a result, media companies may not have comprehensive cyber defence capabilities to cover the full spectrum of interactions with the supplier ecosystem. On the other hand, phishing and spam emails trap less cyber-educated journalists to steal their identities.

Q. What are the most prevalent types of threats to network security in recent years?

A. Misconfigurations and lack of security baselines, skill gaps and Human error, OT – IT convergence and related vulnerability exposure, Vulnerable unpatched assets, Absence of continuous automated security control assessment practices, Malware, Ransomware, Phishing, Man-in-the-middle (MitM) attacks, Distributed denial of service (DDoS) attacks, SQL injection,  etc.

Q. How much adoption are you seeing in the security team today, and how much AI is under the hood of the products most organizations have deployed?

A. I would say, AI is part of all modern security and business solutions using ML support to reduce operational cost, and risk and improve performance. However, such exposures are highly targeted by hackers using the same AI approach by the bad guys. Business workflow automation is at a higher rate using AI-featured solutions. Example: content demand and delivery based on conditions. In Cybersecurity, threat detection, response, awareness and education is AI-driven and increasing at a high pace.

Q. How do you implement a cybersecurity culture in your organization?

A. A deep-rooted cybersecurity culture is indispensable for any organization navigating today’s digital threats, especially in less matured newspaper media organizations. The advent of sophisticated cyberattacks mandates a well-informed and proactive stance, starting with the eradication of ignorance around cybersecurity risks. We must educate Employees to recognize the repercussions of their online behaviours, such as the dangers of phishing attacks or the consequences of weak passwords, to help fortify the company’s digital defences. Embrace employees to engage in hands-on simulations and scenario-based learning, which are augmented by AI for personalized learning journeys. We must define a GRC-driven Cybersecurity program and promote cross-functional collaboration to enable every facet of the organization becomes an integral part of the cybersecurity strategy, ensuring a holistic defence mechanism is in place. Defining adequate roles and responsibility resulting better ownership and maturity among employees. Make visuals of policies procedures and guidelines and place them across all organizational units.

Q. Where is the company going to invest next year and what are your goals?

A. Cybersecurity GRC by design: a solution to educate all stakeholders on top-down and bottom-up enablement in GRC, which must bring operational cost, and risk reduction and improve operational performance and compliance. Also, Generative AI; is a double-sided sword we must embrace and operate with adequate Governance to achieve business goals and cyber protection. 

We are investing to manage Third-Party Cybersecurity Risk: The inevitability of third parties experiencing cybersecurity incidents is pressuring security leaders to focus more on resilience-oriented investments and move away from front-loaded due diligence activities. We must consider enhancing the risk management (continuous) of third-party services and establish mutually beneficial relationships with important external partners, to ensure their most valuable assets are continuously safeguarded and start by strengthening contingency plans for third-party engagements that pose the highest cybersecurity risk by creating third-party-specific incident playbooks, conduct tabletop exercises and define a clear off-boarding strategy involving timely revocation of access and destruction of data.


Read More from This Article: Protecting content in the digital age: Navigating the evolving threat landscape in media publishing
Source: News

Category: NewsAugust 28, 2024
Tags: art

Post navigation

PreviousPrevious post:How not to hire a North Korean IT spyNextNext post:The unstoppable rise of AI in healthcare: What to expect at GITEX GLOBAL 2024

Related posts

CDO and CAIO roles might have a built-in expiration date
May 9, 2025
What CIOs can do to convert AI hype into tangible business outcomes
May 9, 2025
IT Procurement Trends Every CIO Should Watch in 2025
May 9, 2025
‘서둘러 짠 코드가 빚으로 돌아올 때’··· 기술 부채 해결 팁 6가지
May 9, 2025
2025 CIO 현황 보고서 발표··· “CIO, 전략적 AI 조율가로 부상”
May 9, 2025
독일 IT 사용자 협회, EU 집행위에 브로드컴 민원 제기··· “심각한 경쟁 위반”
May 9, 2025
Recent Posts
  • CDO and CAIO roles might have a built-in expiration date
  • What CIOs can do to convert AI hype into tangible business outcomes
  • IT Procurement Trends Every CIO Should Watch in 2025
  • ‘서둘러 짠 코드가 빚으로 돌아올 때’··· 기술 부채 해결 팁 6가지
  • 2025 CIO 현황 보고서 발표··· “CIO, 전략적 AI 조율가로 부상”
Recent Comments
    Archives
    • May 2025
    • April 2025
    • March 2025
    • February 2025
    • January 2025
    • December 2024
    • November 2024
    • October 2024
    • September 2024
    • August 2024
    • July 2024
    • June 2024
    • May 2024
    • April 2024
    • March 2024
    • February 2024
    • January 2024
    • December 2023
    • November 2023
    • October 2023
    • September 2023
    • August 2023
    • July 2023
    • June 2023
    • May 2023
    • April 2023
    • March 2023
    • February 2023
    • January 2023
    • December 2022
    • November 2022
    • October 2022
    • September 2022
    • August 2022
    • July 2022
    • June 2022
    • May 2022
    • April 2022
    • March 2022
    • February 2022
    • January 2022
    • December 2021
    • November 2021
    • October 2021
    • September 2021
    • August 2021
    • July 2021
    • June 2021
    • May 2021
    • April 2021
    • March 2021
    • February 2021
    • January 2021
    • December 2020
    • November 2020
    • October 2020
    • September 2020
    • August 2020
    • July 2020
    • June 2020
    • May 2020
    • April 2020
    • January 2020
    • December 2019
    • November 2019
    • October 2019
    • September 2019
    • August 2019
    • July 2019
    • June 2019
    • May 2019
    • April 2019
    • March 2019
    • February 2019
    • January 2019
    • December 2018
    • November 2018
    • October 2018
    • September 2018
    • August 2018
    • July 2018
    • June 2018
    • May 2018
    • April 2018
    • March 2018
    • February 2018
    • January 2018
    • December 2017
    • November 2017
    • October 2017
    • September 2017
    • August 2017
    • July 2017
    • June 2017
    • May 2017
    • April 2017
    • March 2017
    • February 2017
    • January 2017
    Categories
    • News
    Meta
    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org
    Tiatra LLC.

    Tiatra, LLC, based in the Washington, DC metropolitan area, proudly serves federal government agencies, organizations that work with the government and other commercial businesses and organizations. Tiatra specializes in a broad range of information technology (IT) development and management services incorporating solid engineering, attention to client needs, and meeting or exceeding any security parameters required. Our small yet innovative company is structured with a full complement of the necessary technical experts, working with hands-on management, to provide a high level of service and competitive pricing for your systems and engineering requirements.

    Find us on:

    FacebookTwitterLinkedin

    Submitclear

    Tiatra, LLC
    Copyright 2016. All rights reserved.