Does your crisis management plan include the possibility of a devastating hack?
The cyberattack that crippled Sony Pictures, led to theft of confidential data and leak of movies on the internet would have challenged almost any cyber security measures, the US Federal Bureau of Investigation (FBI) has said.
The FBI’s investigation into the attack has found that the level of sophistication of the software used by the hackers was “extremely high” and that the attacks were “organised and certainly persistent.”
“In speaking with Sony and separately, the Mandiant security provider, the malware that was used would have slipped or probably got past 90% of internet defences that are out there today in private industry and [would have] challenged even state government,” Joseph Demarest, assistant director of the FBI’s cyber division told a US Senate hearing.
If your organization STILL hasn’t included the possibility of a cyber attack in its crisis management planning, the quote above, from a Guardian article by Samuel Gibbs, may help to convince the naysayers that it’s time.
It’s very simple – no matter the safeguards you put in place, no matter what high-powered security firm you use, you are vulnerable to cyber attacks. Whether it’s data theft or sabotage of systems, there is no guaranteed way to keep hackers out. While we certainly recommend putting measures in place to prevent attackers from gaining easy access, planning for an intrusion is a must if you want to mitigate the damage in the most effective way possible.
The BCM Blogging Team