Encryption is table stakes, but it does not solve content integrity

Encryption has become a baseline requirement in broadcast and media workflows. Streams are encrypted. Files are encrypted. Control traffic increasingly rides over encrypted tunnels. In many organizations, checking the encryption box is treated as the endpoint of a security conversation. That assumption is becoming a liability.

Encryption protects transport but does not guarantee integrity. It can shield content from casual interception, but it does not verify whether a stream has been altered, misrouted, delayed or exfiltrated by an authorized user. Nor does it protect against failures in the infrastructure surrounding the media itself.

“Encryption protects transport, but watermarking protects the content itself,” said Max Eisendrath, CEO and founder of Redflag AI. “The industry still conflates the two.”

That distinction is increasingly important as broadcasters confront threats that go beyond theft. Manipulation, falsification and operational disruption now pose equal risk, particularly in live and news-driven environments where timing and trust are inseparable from the signal.

The limits of transport security

Encryption is essential. Few security leaders dispute that. The problem arises when encryption is treated as a comprehensive solution rather than a foundational layer.

“Broadcasters often assume a workflow is secure because the stream is encrypted,” said Sergio Ammirata, founder and chief scientist at SipRadius. “They ignore the devices and virtual machines that handle it, many of which run unpatched operating systems or store credentials in clear text.”

In modern broadcast chains, decryption often occurs far earlier than teams realize. Content may be decrypted at contribution points, inside cloud environments or within third-party processing services long before final distribution. Each of those decode points introduces exposure that encryption alone does not address.

“The first step is to know exactly where decryption happens and to minimize those points as much as possible,” Ammirata said. “Every unnecessary decode is an invitation.”

Advertisement

This reality becomes more complicated as media traverses hybrid environments. Streams move between on-premise infrastructure, public cloud platforms and partner networks, often crossing trust boundaries that are poorly defined or inconsistently enforced.

“Full IP and cloud production has transformed broadcasting from a closed, predictable ecosystem into one where content and control traffic traverse multiple networks and geographies,” said Stephan Würmlin Stadler, vice president of product at Appear. “That expanded attack surface means even minor misconfigurations can expose high-value assets.”

Content integrity versus content protection

Protecting content from theft is only part of the challenge. Maintaining confidence that content is authentic and delivered as intended is equally critical, particularly for live programming and news broadcasts.

“One underexplored area is content integrity and audience trust,” said Michael Benda, chief security officer at Big Blue Marble. “The greater risk for broadcasters is not just data breaches, but the manipulation, falsification or delay of on-air content.”

Encryption can prevent interception, but it does not indicate whether content has been altered after decryption, rerouted without authorization or replayed in a way that compromises editorial intent. In live environments, even small disruptions can have outsized consequences.

“For broadcast, the hidden risk is not just whether content is stolen, but whether it is modified or disrupted in ways that viewers may not immediately detect,” Benda said.

In a recent Industry Insights roundtable, several respondents pointed to watermarking, authenticated routing and continuous monitoring as necessary complements to encryption. These technologies help maintain traceability and accountability across the content lifecycle.

“Encryption secures the pipe,” Eisendrath said. “Watermarking secures the content itself, even after it leaves that pipe.”

Jan Helgesen, head of product and solutions at Nevion, said encryption must be paired with authenticated transport and authorization.

“Modern broadcast systems require content transported over public IP networks to be encrypted using authenticated and robust protocols,” Helgesen said. “Watermarking may be used alongside encryption as part of a multi-tiered approach to content security.”

The missing focus on infrastructure and control paths

Much of the cybersecurity conversation still centers on protecting high-value content files and streams. Less attention is paid to the infrastructure and control systems that determine how that content moves.

“Timing systems, routing layers and control paths can expose a workflow long before the media itself is at risk,” Ammirata said. “Those layers are often overlooked because they are not seen as content.”

Advertisement

Yet compromise at the control level can be just as damaging. Unauthorized changes to routing, synchronization or automation systems can interrupt live production or subtly alter output without touching the media payload itself.

“The missing conversation is about taking ownership of these layers,” Ammirata said. “That requires infrastructure broadcasters can actually control and verify.”

Reliance on external cloud platforms can complicate this effort. While cloud services offer scalability and resilience, they also introduce dependencies that broadcasters do not fully manage.

“Many organizations assume large public cloud platforms will always be available,” Ammirata said. “But we have seen major outages bring entire operations to a halt.”

For live broadcasting, where continuity is paramount, that assumption carries risk.

Audience trust as a security outcome

Ultimately, the stakes of content integrity extend beyond technology.

Audience trust is built on the assumption that what viewers see is authentic, timely and accurate. Cybersecurity failures that affect content undermine that trust directly.

“Security incidents can disrupt live programming, compromise content integrity and damage audience trust,” Benda said. “That risk is often underestimated because it does not fit neatly into traditional IT threat models.”

This is particularly relevant for news organizations, where credibility is inseparable from the signal itself. Manipulation, delay or loss of control over distribution can have editorial and reputational consequences that extend well beyond the duration of an incident. To that end, some vendors are now adding systems to their hardware to integrate content verification, such as Sony’s new cameras, and governance bodies have been formed. 

Overall, the security conversation is slowly expanding. Encryption remains necessary, but it is no longer sufficient.

Advertisement

“The industry still weights the conversation toward prevention,” Benda said. “There should be more emphasis on how to stay on air during an incident and recover quickly while safeguarding editorial independence.”

In that context, content integrity becomes not just a security goal but an operational one. It requires visibility across the entire media chain, from acquisition through distribution, and an acknowledgment that threats may target systems, signals or trust itself.

Encryption secures the path. Integrity secures the outcome. For broadcasters, both are now essential to keeping the signal — and the audience — intact.