According to Bloomberg Businessweek contributor Paul Barrett, there are two types of corporations: "those that have been hacked and those that don't know yet they've been hacked." In the case of Sony Pictures, the former is the most applicable description.
But this has not always been the case. Sony definitely didn't know when it was being hacked or for how long it had been happening when the company's IT department was found to be severely lacking in function and security. According to Gizmodo contributor Ashley Feinberg, one document leaked in the Sony Pictures hack revealed that there was serious concern - and little action - regarding organizational IT shortcomings.
"The report showed that not only was the company ignoring basic security protocol, [but] its IT security was plagued with unmonitored devices, miscommunication and a lack of accountability," Feinberg wrote. "It's dated September 25, almost two months to the day before hackers exposed thousands of the company's most sensitive documents."
Network security is of the utmost importance. Not only does it keep systems running predictably, but it prevents data loss and hacking, which can be especially critical when dealing with communication channels like email. Businesses make cybersecurity one of their utmost priorities, namely with an increasing number of single source communication apps and mobile devices entering the workplace.
Stakes are higher than ever
Information is not the only thing residing in IP connections these days. This is particularly true in relation to evolving telecom assets, which are making their way from siloed endpoints to smartphones and desktops. Voice is perhaps what needs to be accounted for the most in these situations, as landline telephones have historically been favored over VoIP until fairly recently.
Phone conversations have to remain protected. Businesses that are moving their connections over to data lines will have to update and upgrade their security measures accordingly - especially if they are already aware of existing problems. One effective strategy that can be leveraged in order to defend against intruders is known as a honeypot.
Honeypots are fake networks created to fool would-be hackers. Hackers break into the honeypot like they would with the real network and begin collecting what they are led to believe is authentic information. While they are being kept busy, the system starts to learn about the intruder and makes adjustments to the actual network's security. Once the cybercriminal realizes that they've been duped, they may try to break into the real network, but it will be too late.
Sony breach has lessons to teach
Barrett believes that focusing on the gossipy details of the attack on Sony misses the point. The company's relationship with its IT department is in great need of repair, because it is clear that cybercriminals won't pass up on a golden opportunity to cause mayhem.
Chances are that even if no damage was done, your company's network has been hacked into at least once. In order to minimize the frequency and impact of these attacks and protect data and communications, businesses will have to invest more time and effort into protecting their networks.
Learn more about how ESI is keeping the cloud secure here: