TVN Tech | Engineering + IT + Security = Collaboration Roadmap

A decade-long migration from hardware to software, underway in the media and entertainment industry, has been slowed by companies’ inability to coax engineering teams to collaborate with the growing ranks of IT managers being recruited into the industry. A roadmap, drawn up at a February Cybersecurity for Broadcasters Retreat in Orlando, offers a way forward.

Broadcasters working their way through a long migration from hardware to software in their technology infrastructure have complained repeatedly about a lack of communication between their engineering and IT teams.

Television’s engineering community, long known for its round-the-clock devotion to keeping high-quality video and audio on the air, have little use for IT teams asking to shut down parts of the workflow in order to scan for potential security breaches.

IT teams, often charged with security and called upon to help with the IP transition, don’t have enough access to engineering teams and often lack a basic understanding of television production and distribution technology.

Technology vendors can get caught in the middle, particularly when responding to RFPs. Too often, they find themselves trying to fill out long, generic security questionnaires that don’t have much relevance to the technology being considered. This slows the process of creating a meaningful proposal.

The issue of increasing collaboration between engineering and IT comes up annually at TVNewsCheck’s Cybersecurity for Broadcasters Retreat. The most recent CBR, in February, featured participants from TV’s engineering, IT and security communities. They developed a roadmap of recommendations for solving the problem.

For security reasons, TVNewsCheck is publishing it here without reference to the people who created it or their companies.


Co-Locate Engineering And IT

  • Locate engineering and IT teams in same shop
  • Structure management of both teams to work closely together
  • Have both groups represented on projects

Frame The Relationship As A Partnership, Not A One-Way Street

  • Both teams are in this together, working for the same goals
  • Work together on vendor engagements to leverage expertise of both sides
  • Create cross-team backups for essential roles such as network, SEP or AD admins

Create Specs And RFP’s Jointly With Input From Creative, Engineering And IT/Security

  • IT/Security requirements are just as important as editorial/creative features and engineering requirements. It’s important to Include input from all three groups as core information in an RFP
  • Continuously discuss trade-offs and aim for a balance of functionality in the creative, engineering and IT/security triad
  • Agree to internal compromises before the RFP is issued and set expectations
  • Evaluate responses and agree to the selection with input from all three perspectives
  • Performance of the product or service should be evaluated from all three perspectives before final acceptance
  • Do not introduce IT/security requirements as an afterthought.  This is not productive.

Acknowledge This Is Difficult

  • Years of habit make this a difficult change
  • Inertia in the industry means media companies don’t always have vendor support. Team up to win this fight.
  • Engineers may feel a loss of control. Acknowledge this.

Vendor-Broadcaster Partnerships Are The Future  

  • This requires creating what is essentially a four-way partnership (creative, engineering, IT/security, vendor)
  • Lack of internal synchronization (e.g. engineering and IT/security) is just as bad as a lack of sync between creative and the vendor
  • Don’t point fingers – don’t allow a vendor to be “blamed” for new, more stringent internal security requirements
  • Be mutually supportive

Empower Engineering To Embrace The Change

  • Make them admins for security measures that impact their air-critical systems
  • Educate them on traditional IT disciplines
  • Segregate the network as necessary
  • Make security a point of pride rather than a bone of contention
  • Invite engineering into CAB and other IT teams

Reinforce The Change: Continuously Remind Why We Are Doing This

  • Security makes it hard for engineers to do their job. We have to demonstrate its necessity
  • Make direct connections from their work to how risk is mitigated
  • Use structured change management to create awareness and desire

Keep Vendors Abreast Of Changing Security Requirements

  • Make new IT/security requirements known to vendors so they can gracefully evolve their products and services
  • Share preferred test procedures and methodologies with vendors so they can be replicated in their own labs

Do you have suggestions for this roadmap? Please email them to [email protected]

Comments (1)

Leave a Reply

GabrielLuke says:

May 19, 2020 at 1:28 am

I don’t think people should take this too literally, while it lays out the basic progression, don’t think you are limited to only those jobs.

With certs and education it is possible to skip several of these steps, and move up much more quickly.

I have been in IT and business security about 8 years total, and this chart says about 20 for where I am now. Pay listed on the chart is a bit low as well.