Why it’s so hard to calculate the cost of the Sony Pictures hack
The cyberattack on Sony Pictures went far beyond the typical corporate hack -- with attackers allegedly leaking huge amounts of data, including personal information about employees and internal company strategy information. The malware reportedly used in the attack also damaged the underlying systems at the company, making recovery much more difficult than other types of corporate cyberespionage....
"These attacks are pretty devastating," said Kurt Baumgartner, principal for security research at Kaspersky Lab. The investigation into the situation could run on for months, and the cleanup will likely cost millions "if not tens of millions," he said.
Jason Spaltro, then executive director of information security at Sony Pictures, called it a "valid business decision to accept the risk of a security breach" in a 2007 interview with CIO Magazine, adding he would not invest "$10 million to avoid a possible $1 million loss."
http://www.washingtonpost.com/blogs/the-switch/wp/2014/12/05/why-its-so-hard-to-calculate-the-cost-of-the-sony-pictures-hack/
OK, look at it this way:
- 2007: Sony would not invest "$10 million to avoid a possible $1 million loss."
- Also 2007 TJ Maxx, reported over $250 million
- 2011, Sony's PlayStation Network an estimated $170 million
- 2011: RSA $66 Million
- 2013: Target $400 million
- 2014: Sony ???
Fusion [ when did Kash Hill leave Forbes? Halloween - Oh I was London] reports that documents leaked after the recent attack show the company had just 11 people assigned to its information security team: "Three information security analysts are overseen by three managers, three directors, one executive director and one senior-vice president." (Sony Pictures did not respond to requests for comment for this story.)
BTW - According to Wikipedia, Sony Pictures Entertainment revenue for as of March 2014 was $8.0B
No comments:
Post a Comment