David Prosser: Sony's humiliation is a lesson to businesses all over the world
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Outlook There but for the grace of God... That ought to be the reaction of executives at companies the world over to the disaster that has befallen Sony. The hack on the Japanese company has been all the more excruciating for its hopeless failure to get to grips with the problem, but in their heart of hearts, most business leaders will admit they have not taken cyber crime sufficiently seriously.
Indeed, the blue-chip names that employ the American email marketing company Epsilon – including prominent British businesses – owe Sony a vote of thanks. The attack on it has overshadowed the theft from Epsilon of millions of their customer' personal details.
In Britain alone, cyber crime is now costing businesses more than £20bn a year according to the Office of Cyber Security and Information Assurance, an agency of the Cabinet Office. And those who specialise in combating this sort of threat say that many of Britain's biggest companies have only the most rudimentary of defences against cyber crime. Small and medium-sized enterprises are generally even less well-protected.
One problem is that expensive technology solutions often do not cover the most vulnerable part of a business: its workforce. Setting up hacker-resistant firewalls is one thing, ensuring there is no risk of employees leaving a laptop on a train, say, is quite another.
The growth of mobile devices is potentially dangerous too. Companies' networks may be well protected only for employees to unwittingly present hackers with an unlocked back door when using smartphones and laptops on insecure external networks. The coffee shop, with its free Wi-Fi, is increasingly the hackers' front line.
The UK Government has begun to address the problem, with increased investment in cyber security. But the true nature of the threat is difficult to assess: companies are often reluctant to admit they have fallen prey to this sort of attack and may not have to if customers' or contractors' data has not been compromised.
As a start then, the OCSIA would like to see a central reporting mechanism, so that businesses can report attacks to a single authority. That would at least give an accurate indication of what we are dealing with – and facilitate a more robust response.
Still, better information is only a start. For companies that do not take this issue seriously, particularly SMEs that might not consider cyber-security spending as cost-effective, the Sony scandal is the loudest wake-up call yet.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments