Sony must secure networks, analysts say

Continuing breaches suggest company's networks may be more porous than assumed

1 2 Page 2
Page 2 of 2

Jason Maloni, senior vice president of the crisis and litigation team at Levick Strategic Communications, said that Sony's ongoing security travails is sure to be taking a heavy toll on both its reputation and on consumer confidence in the company.

Maloni was part of a crisis management team that helped Heartland Payment Systems respond to a disastrous 2008 breach that exposed data on close to 100 million debit and credit cards.

Though the breach was one of the largest ever, Heartland's strategy was "to run towards the light" rather than remain mostly quiet as Sony has, Maloni said. From the start, Heartland was open about the breach, the scope of the intrusions, the causes of the breach and what it was doing to address them, he added.

Sony, in contrast, has been less open about the breach and its plan for fixing the underlying weaknesses in its networks. The company has also done a relatively poor job in setting user expectations after the breach, Maloni said.

"They should have started setting expectations very low. They should have done a better job [talking about] the perpetrators of the breach and how they were the true bad guys," he said. "I don't think Sony got out early enough to spell out what it was doing, and that has left a bad taste."

Maloni believes that if the problems persist, Sony will take more of a hit to its reputation than other companies that have suffered major breaches, such as TJX and Heartland. Those companies may have gotten a bit of pass because they were among the first companies to suffer major data compromises, he said.

But consumers since then have become less tolerant because they expect companies to learn from previous breaches, Maloni said. He expects that users will soon be asking, "What was Sony doing when all of these other companies were getting breached?"

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is jvijayan@computerworld.com.

Copyright © 2011 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
7 inconvenient truths about the hybrid work trend
 
Shop Tech Products at Amazon