India’s media and entertainment sector is amongst the few that is witnessing technological advancements and rapid digital adoption, as the physical & virtual world blends into one. With an aim to stay ahead of the curve, Zee Entertainment Enterprises Limited (ZEEL) has been taking strategic steps to support its digital pivot, drive exponential growth across digital platforms and fortify the broader transformation it has embarked on, in line with the ZEE 4.0 approach and has set up a technology hub in Bengaluru. Now to lead the innovation and exponential growth for its integrated platforms, ZEE has onboarded Praveen Kumar as the Chief Information Security Officer.
Kumar is a veteran, who recently retired from the Indian Navy and has served in the Indian Navy for 20 years in various Information Technology /Information Warfare and Cybersecurity roles. He has engineered various Cyber security solutions for the Indian Navy.
In an exclusive interaction with Medianews4u.com, Kumar spoke about his journey from Indian Navy to ZEE’s Chief Information Security Officer, steps taken by the ZEE for cybersecurity, Bengaluru Tech Centre’s capabilities in terms of cyber security, and more.
Excerpts:
On his journey from various Cyber security roles in the Indian Navy to ZEE’s Chief Information Security Officer
My journey in the Indian Navy kickstarted as a Specialist in Weapons and Sensors in an era dominated by the analogue paradigm with semblance of Internet confined to VSATs with limited bandwidth. Aficionados like me who were one of the first few to own a PC earned the moniker of “digital savants” and more colloquially as NERDs. Cyber Security was still an elusive concept which many could barely relate to. Fairly early in life, I was enchanted with the novelty of Ethical Hacking and the contours of cyber security that innately fascinated me on the fly. It was providentially befitting that Navy , in recognition of my cyber instincts, accorded me the opportunity of pursuing Masters in Computer Science Engineering from IIT Kanpur. And there was no turning back from there. On completing more than 2 decades of engaging professional stints in the Indian Navy, I embarked on transition to civvy street and was presented with this exciting offer of heading the Cyber Security Vertical at ZEE, a new odyssey of transformation in uncharted waters. What characterises the uniqueness of the role is the novelty of challenges and the emerging opportunities distinct from a conventional Cyber Security billet.
On current role and responsibilities
In the current role, I am responsible for the overall Cyber Security posture of ZEE. Heading the Cybersecurity vertical of the leading Media and Entertainment (M&E) Company of the Country is certainly fraught with challenges and opportunities galore with an enduring sense of responsibility to respond to the business requirements of ZEE. In any organisation, cyber security is all about the ‘business’ and protecting the business, brand, and reputation, while enabling the business operations. The productive combination of aligning business mission with cyber/IT essentially provides and supports the lifeline of any company’s success in traversing the prevalent and emerging risks in the cyber space, with particular currency and prominence in Media and Entertainment Industry. I say that because in most of the other domains, the threat vector is limited to protecting the organisations from Data Breach, in M&E industry we also have the additional responsibility of delivering the Content which is our CROWN JEWEL securely to millions of customers around the globe in line with the core business needs and strategy.
On steps taken by the ZEE for cybersecurity
ZEE has been a frontrunner in adopting and adapting to an efficacious framework to combat Piracy. Cyber Security has been a key thrust area for the organisation driving substantial investments towards acquisition of potent tools, technologies and expertise. The leadership at ZEE has been immensely customer oriented with sustained impetus on Data Privacy and Content Security. We, at ZEE, constantly strive to stay ahead of the ever evolving cyber security curve to ensure a secure, synergic and efficient content delivery paradigm in tandem with core business needs.
Piracy is robbing millions of dollars of revenue for content creators. Is the global market doing enough to fix this issue?
As the entertainment industry continues to evolve from broadcasting and DVD/Blu-Ray sales towards online content and streaming, to vast swathes of consumers across numerous Zones, the Cyber risks and their potential impact have also increased manifold. The wide range of content delivery platforms and plethora of delivery endpoints have only compounded this complexity with increasingly organised and sophisticated cyber criminals prying the digital landscape.
With the M&E industry world over having migrated to Digital content, Data Privacy and Content Security have gained immense currency and impetus in these organisations fuelling large scale measures and investments to building a cyber-resilient infrastructure to provide end to end protection and security to vital assets from internal as well as external threats. With robust and responsive cyber security governance in place, the risks of piracy are expected to be considerably neutralised and mitigated in impact.
On Security challenges in the media and entertainment industry
Entertainment industry has evolved at a breakneck speed from traditional broadcasting and DVD/Blu-Ray sales toward online content and streaming in the past decade with proliferation of OTT. However, the Digital move was not adequately fortified by the Cybersecurity initiatives to support the business. This has resulted in many reputed players in the M&E industry being exposed to Cybersecurity incidents. The M&E industry needs a two pronged proactive strategy to deal with Cyber Security threats. While the traditional well documented controls to deal with Data Breaches, Safeguarding PII etc need to be sustained, the second and equally important one pertain to the controls to safeguard the content which is considered to be the CROWN JEWEL of the industry and in that the raison d^etre of the M&E industry. This part becomes slightly challenging due to lack of precedence and platter of rule books or mature processes which would guarantee Content security. This clearly engenders the need for a dynamic team with out of the box approach for novel solutions especially designed for the Platform.
On overcoming the challenges
Right from the time content is acquired, processed and transferred to transmission channels, stringent security controls need to be instituted to ensure protection of both the Content and User data from unauthorised and malicious players. We also seek to incorporate state of art forensic tools like which enable us to localise the source of content piracy and subsequently take appropriate action against the Pirate. We also have centres monitoring the Web as well as the Dark Web for Content/Data privacy in near real-time. Advanced AI/ML based algorithms are used to monitor and track the content at various stages.
On Bengaluru Tech Centre’s capabilities in terms of cyber security
The ZEE 4.0 transformation journey continues in its endeavour to drive impactful change. The process aims at creating a digitally adept, data-first Company that will be a leader, in all formats of content consumption, both linear and digital, across India and key international markets.
The Company’s expansive Tech & Innovation Centre in Bengaluru has onboarded industry leaders and domain experts in the fields of security, technology, product, data and design. The centre in Bengaluru will help build a strong cohort to cater to the new-age consumers seamlessly across connected devices, built on a futuristic tech stack that will enable engineers, data scientists & Security Specialists to unlock innovative technology-led solutions.
This Centre would develop, implement and operate all the Cybersecurity controls based on the latest technologies to enable Safe and Secure delivery of Digital content. The cybersecurity cohort would have specialists in Cybersecurity operations, Cloud Security Architects and Data Security Engineers, who along with ensuring safe handling of Data would also ensure Data Handling Governance/compliance requirements based on the Law of the Land. This centre would be equipped with the latest technologies in the field of Information/Cybersecurity based on AI/ML models which would be future proof therefore forming the Gold Standards for Cybersecurity in the M&E Industry.
