Audiovisual (AV) systems could pose a significant cyber risk, particularly as most modern AV systems are now connected to enterprise networks and the internet, and AV solutions are increasingly AI-enabled.
This is according to industry stakeholders who were speaking ahead of Mediatech Africa, the technology showcase for AV integration, unified communications, broadcast, streaming, studio and production, pro audio, lighting, staging and display solutions.
Dr Maiendra Moodley, Institute of Information Technology Professionals South Africa Professional CIO ( Pr.CIO), and speaker at Mediatech Africa, says AV systems are one of the most overlooked attack surfaces in enterprise cyber security.
He says: “Connected boardrooms represent some of the most information-rich environments within an organisation because they sit at the centre of executive decision-making, strategic planning and commercially sensitive discussions. While ransomware remains a significant concern, organisations should not underestimate the espionage risk.”
Jesse Bosch, Head of Commercial at Prosirius, notes: “AV is not just in the boardroom: digital signage now touches the network, as do your media players, anything for wireless presentations, your touch panels, your IPTV endpoints, control processors and many other edge devices. They all fall within the AV category and they’re hitting your network, so they could create vulnerabilities.”
Accountability and governance is crucial
“The biggest mistake organisations make is believing that AV is somehow separate from IT,” Dr Moodley says. “The moment a conferencing platform, digital signage system, wireless presentation device or boardroom camera connects to a network, it becomes part of the organisation's cyber attack surface. If a device is connected, it must be governed. Organisations should apply the same security principles to digital signage and public AV systems that they apply to any other network-connected asset. The most dangerous systems are often the ones nobody thinks of as computers.”
He notes: “The problem is not the technology itself. The problem is accountability and governance. AV frequently falls between facilities, IT, operations and security, creating accountability gaps that attackers are more than happy to exploit. Attackers do not respect organisational charts.”
Historically, functionality, interoperability and user experience often took precedence over security. But security and usability should not be viewed as competing objectives, Dr Moodley says.
Sean Bethell, Head of Engineering at AVT, says: “As the complexity and interconnectedness of AV systems has increased, along with the rapid uptake of AI systems, organisations are focusing more on cyber security around AV systems. It's no longer sufficient to have enough IT and cyber security knowledge just to get by. Organisations need specialised expertise or collaboration between traditional AV and traditional IT systems to collectively tackle and address this risk.”
Stuart Pringle, Managing Director of Omega Digital Services, says: “Most customers are totally risk averse when it comes to security, so they want to understand how AV integrators will align with their security standards. They must have the right credentials, implement trusted technology and VLANs, and work closely with OEMs to offer the assurance that our solutions are secure.”
To better secure the AV environment, Dr Moodley believes manufacturers should adopt security-by-design principles, ensuring that authentication, encryption, secure update mechanisms, vulnerability management and supply chain assurance are incorporated throughout the product life cycle, while organisations should focus on designing secure environments where strong authentication, access controls, device management and monitoring operate largely behind the scenes. “Security can no longer be treated as a feature to be added later. It must be embedded from the outset,” he says.
The Institute of Information Technology Professionals South Africa (IITPSA) is a strategic partner of Mediatech Africa 2026. The exhibition will be held at the Kyalami Grand Prix Circuit and & International Convention Centre from 30 June – 2 July. Register free before 29 June. For more information, go to https://www.mediatech.co.za/ and use the code MTA026.
Share
Editorial contacts