Companies must learn from the mistakes made by Sony Pictures leading up to a data breach carried out by the Guardians of Peace - and that should translate to increased network security and better training for employees. In addition to the stolen movies and leaked employee personal information, embarrassing emails sent and received among executives at the company caused an additional layer of an expanding public relations nightmare.
"Now you have to operate under the mindset that my email is not confidential," said Frank Mong, GM of enterprise security solutions with Hewlett-Packard, in a recent interview published by the San Jose Mercury News. "We should all live with a little more paranoia when we do these things - ask, 'Is this really legitimate?' Should I really be clicking that?"
While the SPE breach is an ideal learning opportunity, many companies will refuse to make adjustments and could be next in line to suffer an incident. Companies need to create guidelines that force employees to use more complicated passwords, and hire third-party cybersecurity firms to educate employees on identifying phishing and spear-phishing attacks.