Politics and juicy tidbits aside, there are essentials to be taken away from Sony hacking incident. From the information available in the public domain, it can be believed that the security protocol at Sony was astonishingly sloppy, breathtakingly stupid and downright imbecile (Example: passwords and private data saved in folders named enticingly conspicuous).
However the sad state Sony finds itself in, the observation made by Joseph Demarset, Assistant Director of the FBI’s cyber division testimony to the Senate Banking Commission, that 90% of systems are susceptible to succumb, should make IT and other senior executives of organizations sit up and lose sleep. Having worked as an IT consultant, I tend to concur with Mr. Demarset.
In the past year alone, destructive activity targeting large corporations, such as, Target, Home Depot, Community Health System, JPMorgan Chase are well known. The Government agencies are not outside the scourge either. Edward Snowden dealt a debilitating blow to the CIA, whatever the motive of his actions were. There are those who have been or are being hacked, but do not yet know that they have been hacked.
This is another wake up call to aside apathy and take necessary practical steps towards protecting valuable material such as financial, contracts, intellectual property and private data of employees and customers. It does not mean another layer of fire wall or another stack of antivirus software. It necessarily involves integrated IT policies and strategies:
As technology advances, business processes, customer interactions and IT have become tightly integrated. Software and computer should become and remain secure impregnable vault at all times. If senior leadership ignores realities and considers expenses relating to IT security as superfluous, then, every day is a D day for its brand to languish in the dust bin of history!