The cyber security assault on Sony Pictures Entertainment Inc., raised the risk and impact of hacking to another level because it was designed to damage the company, their brand and the personal reputation of the their executives. Corporations have long dealt with hackers that sought trade secrets and financial data, but the Sony attack is highly personal. Sensitive information, including financial data, details about forthcoming films, and complaints about business partners, were made public to discredit the company. This is a new milestone.
The attack on Sony, blamed on North Korea has come at the end of the year of succession of data thefts at retailers – Target, Home Depot, Neiman Marcus Group to name a few.
Every company should be thinking, ‘What would it be like if everything in our company was made public?’ This should change how companies think about security – a determined hacker can eventually find a way in. The focus needs to be data protection not just prevention.