This document discusses cyber security best practices for media organizations. It notes that hacking and espionage are not new threats, and that organized cybercrime is now worth more than the global drugs trade. The document outlines advanced persistent threats faced by UK broadcasters and financial institutions. It recommends developing practical security policies, mandating scanning and patching, and installing security information and event management systems to monitor for threats. The document also discusses new regulations like the General Data Protection Regulation and the need for organizations to adapt security practices to address evolving threats like ransomware and phishing.