Lepide Blog: A Guide to IT Security, Compliance and IT Operations

Analyzing Organizational Cyberspace Security in the Awakening of Sony Hack

Analyzing Organizational Cyberspace Security in the Awakening of Sony Hack

Not everything seems to be working right for Sony Corporation on the Cyber security front. The company has been once again attacked by the hackers and confidential company data and employees’ data has been left bare open for misuse. This particular incidence can result in massive loss for corporation, which could run into hundreds of millions. The point to note here is, if a corporation of the size of Sony is serially failing to protect against hackers, what small and medium size corporations can do?

How prepared are you to withstand such attacks?

It is time for all the companies to do a reality check at their end. Can they withstand a jolt caused by a network breach of this magnitude? In spite of several government regulations and security breaches that we read about in newspaper happening every day, not all of us seem to have learned our lessons. A reality check done by a network security research firm found that many of the organizations fall short of having robust security measures and that they tend to ignore the security best practices suggested by the government regulations.

What are lessons learned from Sony Attack?

This particular incidence of global importance can be considered as an opportunity to do a reality check on your organization’s network security. Though it is difficult to suggest a panacea for all organizations, at macro level you can certainly take a few measures to improve over all security.

Keep aside a larger part of the company’s IT budget for the network security. CIOs/CTOs need to understand that spending on network security is not an overhead but a necessity that must be fulfilled. It is not that companies have so far done nothing on cyber security front, according to technology research firm Gartner, total spending on information security in 2014 stands at a whopping $71 billion and may reach $77 billion by the end of 2015. Companies should also understand that since all their internal data can be hacked exposing their policies and past decisions to the outside world, they should not indulge in practices that can land them flat footed on sticky grounds.

What’s the global cyber security trend?

While analyzing all the organizational network security solutions in the current scenario it is important to keep second eye on the future of the information security spending. Going by the Gartner predictions, by 2015 nearly 10 percent of the IT security enterprise products will be delivered in the cloud. Also, by 2018, more than half of the firms will opt for security as service model in the data protection, security risk management and security infrastructure management. You also need to analyze your company’s network security risks in the light of the global trends and choose a technology that best meets your requirements.

Conclusion:

Before you set out to implement a robust security policy for your organization, you must ask yourselves a number of questions such as what are the elements of your company’s network. Do you need to realign your policy vis-à-vis what all sort of devices you are using in the light of the new security assessment? What all programs are running on your company’s network computers? Who all have administrative rights to bypass access rules? Are you monitoring in real time, what all changes are taking place to the organizational data? Any robust network security policy must take into account all these factors for sustainable and reliable network security.