When Hurricane Sandy hit New York City, sites like Gawker and the Huffington Post got knocked offline because their data centers were flooded. If media companies devoted more resources to CTO budgets for preventive measures like additional data centers, the sites may have stayed up.
Media tech departments are often ignored until problems like security attacks or disaster recovery arise, and then it’s up to them to fix the problem. Not putting resources into security threats — whether hacking attempts or disaster recovery — can hurt when a site becomes compromised. This is beyond a tech issue; it’s also a significant business issue. Already this year, the New York Times, Microsoft, Wall Street Journal, NBC and Facebook have each been hacked resulting in downtime for readers, but also for advertisers.
Digiday spoke with three CTOs at both legacy and new media publications. Each wanted anonymity so as to not invite any attacks to their sites.
“The problem is that there’s no revenue generated by increasing security,” said one CTO from a legacy publication. “It’s only a defensive measure.”
Building out strong security systems takes developers away from other projects and can take weeks or months of their time and not have a tangible delivery the rest of the company sees. When a site goes down, it’s tough to know what brought it down. It could be bugs, a DDoS attack or weather or power loss. It’s almost impossible to know. Remedies are expensive and take away time spent on forward movement.
For a dollar that goes into security, it’s one less dollar that goes into development. A developer focused on security is a developer not building out ad units that have immediate return.
“You can build a new feature, or you can lock the doors,” a source said. “You can’t have both.”
According to CTOs, the biggest security risk inside a media company is its employees. And in the case of the Los Angeles Times, a former employee who is accused of compromising the site after he allegedly gave a hacker from Anonymous a username and password to change an article. Last month, the New York Times, Wall Street Journal and Washington Post each announced they were hacked. Employee passwords were stolen.
Also in February, NBC.com, including the sites for Jay Leno and Jimmy Fallon, was hit by a piece of malware sending users to malicious URLs with the intent to steal bank accounts and other personally identifiable information. Security threats don’t just take down sites, but can compromise a publisher’s audience.
Educating employees to not click on suspicious links and have pins for their smartphones and laptops are easy and effective measures to take.
With distributed-denial-of-service attacks rising in the media world, media companies are finding they’re lacking defensive measures. A DDoS attack is when a website is completely inundated with traffic requests that bogs down a server.
“It’s about how much insurance you want or need,” said one CTO. “When you play blackjack and the dealer shows an ace, you might buy insurance. You won’t with a four.”
The toughest thing for CTOs is selling something that doesn’t generate revenue. But one of the ways to get funding is to educate CEOs and CFOs of the importance of site security by explaining what the loss of business will be if a site gets attacked or goes down.
“If you calculate it that it’ll take whatever to come back, that loss of revenue is significant,” said a new media CTO. “That helps to justify revenue as long as you can quantify [the loss of business]. But sometimes, there’s a bit of a challenge to quantify.”
‘Not the future’: European publishers remain steadfast in blocking alternative IDs to third-party cookies
Some European publishers believe alternatives to the third-party cookies, probabilistic or deterministic, will do more harm than good to their ads businesses.
Media Briefing: Why Leaf Group spun off its media arm into a standalone company
World of Good's newly appointed CEO Lindsey Abramo spoke with Digiday about her plans to lean into experiential and embrace niche vs. scale.
Dentsu’s latest ad report shows slowed growth, driven mostly by inflation
The good news in Dentsu's ad forecast is that there's still growth. The bad news: most of the growth is the result of inflation, while real ad pricing actually dropped a bit.
SponsoredWhat the measurement and currency discussion really means to TV advertisers
Ali Mack, head of TV and agency, Experian Major streaming video providers have recently made headlines by adopting new currencies for ad measurement, threatening Nielsen’s long-standing TV ratings monopoly. NBCUniversal, for example, has certified iSpot and VideoAmp as currencies for advanced audiences and formed the Joint Industry Committee with Paramount, TelevisaUnivision and Warner Bros. Discovery. […]
How chef influencer Tue Nguyen works with the BuzzFeed Creator Network
BuzzFeed's Creator Network has been valuable from an audience and production education standpoint, but Nguyen still drives most of her business on her own.
Dentsu’s new Web3 readiness tool shines light on the tech’s potential to complement AI
Dentsu's Innovation Initiative is launching a web3 readiness index next month — at a time when the industry is obsessed with AI. Could the two technologies actually make a good pair?