New Video from @NoLimitSecu: Deep Dive into TPN Certification in the Film Industry

In this special episode of the weekly French-language podcast dedicated to cybersecurity, Jean-Philippe Goullier leads an in-depth discussion on the TPN (Trusted Partner Network) certification in the film industry. Guests Valerou, CEO of Stratégique Zone, and Judy Cael, head of Alpha X Data, share their expertise on this certification specific to the audiovisual industry. The TPN certification, initiated by the Motion Picture Association (MPA), aims to protect audiovisual content from piracy and intellectual property theft. It is based on Best Practices inspired by standards such as ISO 27001 and SOC 2, adapted to the specific needs of the audiovisual industry. Valerou explains that TPN is a recognized assessment in the industry, allowing companies to avoid multiple certifications and verifications. Judy Cael adds that TPN is more focused on precise security measures rather than general information security processes. The TPN certification process involves several steps. First, the company registers for the TPN program, completes its profile, and pays a contribution based on its size and turnover. Then, it uploads its existing certifications (SOC 2, ISO 27001, etc.) to generate a questionnaire. Once this questionnaire is completed, the company obtains the Blue Shield, a self-assessment that is not verified by a third party. To obtain the Gold Shield, an independent evaluation is required, involving a TPN-accredited evaluator. This evaluation includes a site visit, interviews, and the writing of a report that is then validated by TPN. The costs of implementing TPN vary depending on the size of the infrastructure and the measures to be implemented. Valerou mentions that costs can range from 20,000 to 120,000 euros, with rates freely set by the evaluators. Judy Cael points out that the evaluators are accredited by TPN and their responsibility is limited to validating the evidence provided by the company. The implementation of TPN can be motivated by several factors: a customer request, a desire for visibility on the TPN site, or an internal decision to secure the infrastructure. Valerou notes that some studios prefer to implement TPN to structure their security, even without external demand. Judy Cael adds that TPN has become a contractual condition for working with major content owners like Disney, Warner Bros, and Sony. The security measures imposed by TPN can include access controls, background checks of collaborators, and physical security measures such as window opacity to prevent information leaks. Valerou mentions that some measures may be deemed inapplicable, such as the ban on mobile phones in open spaces, depending on local regulations. In conclusion, TPN is seen as a catalyst for maturity and security for audiovisual studios. Although heavy and costly to implement, it brings increased sustainability and security. Valerou and Judy Cael emphasize the importance of change management and justification for measures not applied. To learn more, watch the full video: https://www.youtube.com/watch?v=sDwv0u94YD8