“Getting attacked by the North Koreans for making a movie that spoofs their sad little country and its tinpot dictator makes Sony the most sympathy worthy attack victim of the millennium.”
That’s the damning view of Gartner analyst Jay Heiser, who believes following the attack, Sony has “suddenly become the globe’s cyber-security poster child.”
According to Heiser, it’s “morbidly fascinating” to see a continuing series of news articles related to the material stolen from Sony.
“Anyone with any background in Infosec is itching to learn more details about what level of protection effort was in place, and what form of attack managed to so thoroughly comprise such large chunks of their digital enterprise,” he adds.
However, Heiser believes it is too early to have a definitive opinion on the relative degree to which Sony may or may not have followed best security practices.
“It is uncertain how many additional negative consequences will accrue as embarrassing internal memos leak,” he adds.
“It is premature for any other organisation to use the example of Sony as a significant part of their business case for security program improvements.”
Echoing Heiser’s comments, fellow Gartner analyst Paul Proctor believes it’s easy to pick on the security of a company that has just been hacked, believing that the criticism levelled towards the tech company “has not been fair, accurate or defensible.”
“Make no mistake,” he adds, “there are companies with terrible security practices who have been hacked and likely deserve derision, but I have trouble believing that Sony Pictures is one of them.”
According to what is known publicly, several files were dumped on the internet that allegedly come from Sony’s internal networks, many of these are said to contain passwords.
While the actual source of the attack remains to be seen, given the glee expressed by the officials from Asia’s answer to Grand Fenwick, for the time being the industry is treating this as a surprising act of technical competence from a place that is generally considered a digital trailer.
“‘How can this be so?!’ cries the ambulance chasing security pontificators, ‘Sony has terrible security practices!’,” Proctor adds.