Risky Business: Cybersecurity in AV

Risky Business: Cybersecurity in AV

Lindsey M. Adler A few holes in one, that 11th hour defending champion lead dissolution, the rolling greens under blue skies peppered with gaggles of the most civilized sports spectators in the world—such was the 2016 PGA Masters Tournament in a (very small) nutshell. But did you catch those commercials? AT&T, IBM, and others, provided a steady stream of cybersecurity and cloud services for sale. Having just come off a string of cybersecurity expert Q&As, watching commercials run during the Masters hit me with a resounding realization: This whole network security thing is an even bigger opportunity than I thought.

I already knew just from the feedback I received and audience engagement at the cybersecurity sessions at Symco’s Regional Roadshows in April that we hit on a really hot topic for AV professionals. When polling attendees, most cited very little knowledge of the topic, and they were eager to take the discussions further.

AV equipment can easily be used as an entry point to a network to access sensitive information at a company. The failure to use strong passwords, allowing remote access to devices, protocols like FTP, are all points of entry. “If you can log into a device, so can someone else,” stated Jim Meyer, of Coordinated Response, an incidence response consulting firm. Sources of malware exist everywhere, and there are many cases publicized where a company’s website—often a lifeblood for its business—could be held ransom for a hefty fee in order to return to operation.

Even outside of the typically highsecurity verticals of government, healthcare, finance, and education, an integrator or client might wonder, “Why does anyone want to hack my data?” Often, it’s simply for bragging rights.

We’ve been hearing about how customers don’t care to have bells and whistles on their AV systems that they’ll never need, but these extra functions happen to also be security liabilities, and they should be proactively turned off. That SNMP protocol? Some companies use it to monitor network activity, and so can a hacker.

We did an informal poll in advance of the sessions to gauge topics of particular interest, and one comment expressed surprise that an AV cybersecurity expert even existed. Joel Bilheimer, of Pershing Technologies, said he’s one of maybe a dozen in the industry.

While SCN will be exploring the nuances of this dynamic topic much further in the coming months, the point I’d like to zero in on here is that network security is, without a doubt, a huge opportunity for AV businesses to capitalize on. The risks and prospects alike are realities for which you need an action plan. Whether it’s hiring or training for it, there’s money to be made, clients to be rescued, and value to be delivered.

Lindsey M. Adler

Lindsey M. Adler is an audiovisual storyteller based in New York.