Strategic Cybersecurity For Cloud

[note 2026:] This talk now feels well ahead of the curve and anticipates digital sovereignty projects now vibrant across Europe. It ruffled a few feathers because at the time the implications of deepfake tampering in media and the problem of Europe relying so heavily on trusted (and now proven untrustworthy) foreign assets was only just dawning on people.

On a hot London night with thunderstorms brewing we arrived at Newman Street in Soho for the 10th Cloud Native Media Meetup. Sponsored by Arqiva, LiveWyer and Techex, the event was attended by about 50 people.

The CNM group meet regularly to talk about tech, TV and video media, audio and radio, with an emphasis on professional knowledge exchange through sharing technical, business, organisational and practical tips.

Our talk was all about cybersecurity for media operating on "cloud" infrastructure. Many thanks to Paul Markham and the crew for inviting The Cybershow.

Helen began by challenging Andy to defend cloud technologies despite numerous known and hidden problems including; asymmetrical ingress/egress, untrusted hypervisors, unpredictable energy and bandwidth costs, and likely back-doors in TPM. They discussed the realities of moving cloud assets in a business that is becoming siloed into walled gardens like the social media space.

The talk provoked lively debate with some commenting that we are hopelessly dependent on US providers that nobody dare compete with, and others identifying obvious resilience issues with the current situation, one that demands regulation and building of competitive European cloud capabilities.

We finished by considering new approaches to cloud security including federated compute using homomorphic encryption and advanced distributed filesystems that need not run on big-tech providers like AWS, Azure or Google Cloud.

The conversation broadened to issues beyond organisational security, and into public trust in the media in a "post-truth"/"post-trust" era, on AI and disinformation, and about the difficult position of the media with respect to cybersecurity in a new "cold war" period.