How to Ease the Aftermath of a Data Breach – a look at Sony

What’s that age old saying? Fool me once, shame on you – fool me twice shame on me? Well in the case of Sony, what happens when you’re fooled more than twice?

According to recent revelations, at the time of the hack it appears as though there were only 11 people in Sony’s North American information security team; 11 people working to secure a company with over 7,000 employees.

Even more disturbing, the sensitive files on the Sony Pictures network weren’t password-protected or encrypted internally. This kind of public information now poses the great question: “Did Sony even understand their IT Security landscape?” What’s more, did they have a strategy around enterprise data security? Given that back in 2007, Sony’s Director of Information Security, Jason Spaltro, was quoted in an interview saying, “…it’s a valid business decision to accept the risk [of a security breach],” it clear that no real investment was made in IT security nor was there any real understanding of the importance of protecting sensitive information.

This breach, among others, is just another classic example of organizations undermining the value of data encryption. Going back to Spaltro’s 2007 interview, he also stated that he “…will not invest $10 million to avoid a possible $1 million loss.”

Experts are estimating that this hack is going to cost Sony a cool $100 million. Previous hacks have cost the company approximately $171 million. We’re not exactly mathematicians here, but it’s safe to say that these numbers just aren’t adding up.

For those organizations out there that have yet to truly understand the value of investing in security solutions, especially those that protect and encrypt their data, take a lesson out of Sony’s book and make the time to choose the right security strategy for your company.

Previous Post
Weak Passwords
Next Post
Using a Botnet to “Crack” AES Encryption Keys?

Related Posts

Keeping up with the Jones’

The evolution of technology goes at a breakneck pace. Whether it’s new products coming to market or updates to existing products – it’s a never-ending cycle. As a software company that supports multiple Operating Systems (OS), we’re no different and…
Read more

SecTor 2014 – What We Learned

Last week, thousands of IT security professionals gathered in Toronto for the annual SecTor Security Conference to share compelling research and new techniques. From malware attacks to unencrypted stolen devices, data theft is rampant in the enterprise, and security solutions…
Read more
When virtual environments get too heavy

When Virtual Environments Get Too Heavy

As an encryption security vendor that is working its way into Mobile Device Management (MDM), I’m fascinated and constantly looking at new ways to secure mobile devices and company information. As someone with a background in virtualized environments, I’m even…
Read more

Last Day Exhibiting At Interop

Today is the last day we will be exhibiting at Interop – New York. Come by and visit Booth #548 to learn about the latest in our data encryption solutions. We have specialists on hand who can answer any of…

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.

Menu