Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Sony breach is a new breed of attack that needs new responses

Tim Greene | Feb. 25, 2015
Sony Attack is a wake-up call and businesses need to invest in staff, training and tools to avoid the disaster Sony faced.

Penetration testing should look at IT and non-IT business processes, and should include how vulnerable the organization is to social engineering.

Training employees in safer behavior is a must. "People will not change their behavior unless they have motivation to do so, and organizations must generate that motivation in a positive, consistent and persistent manner." They should be motivated to use digital media safely, and perhaps people-centric security is in order, the report says.

"The rise of ubiquitously connected devices and the Internet of Things has expanded the attack surface, and commands increased attention, larger budgets and deeper scrutiny by management," The Gartner report says. "Security is not a technical problem, handled by technical people, buried somewhere in the IT department. ... Risk-based decision making requires improvements in non-IT executive communication and engagement."

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.