Before Sony Pictures Entertainment was compromised in a significant cyberattack that crippled its computer systems and led to large amounts of data stolen, the company was warned of lapses in cybersecurity. SPE's firewall and at least 100 other devices were being monitored by the studio's in-house team instead of Sony's corporate security team, according to an audit done by PricewaterhouseCoopers (PwC).
"Security incidents impacting these network or infrastructure devices may not be detected or resolved [in a] timely [manner]," according to a PrincewaterhouseCoopers confidential report available in September. Re/code received a copy of the report and indicated SPE knew of significant security problems, but had a slow reaction time before trying to resolve problems.
Hollywood studios and other major corporations have the opportunity to learn from SPE's significant data breach, at Sony's expense.