Posted by: David Scott
authentication, authentication questions, cost of data breach, credential information, credentialing information, credit card breach, credit card data, data breach, data breach expense, data compromise, data control, ID, login, password, playstation, Sony, Sony PlayStation, user data, user ID
Just kidding – it’s only Part 2. (Please see first article, just below this one for reference).
Sony has said that this information has been compromised: User name; address; country; e-mail address; birthdate; PlayStation Network/Qriocity password and login; and handle/PSN online ID.
Wow – that’s quite a bit. But it gets worse, and I always hate the “maybe(s), might have been(s)…” etc. – there may have been breach of user billing address, purchase history, and various password security answers. Ouch.
I had to laugh at some counsel from the Washington Post Business with Bloomberg section (which I saw online – I no longer reside in DC, but have many fond memories…):
This is certainly a big data breach and spells a lot of trouble for Sony’s image, but there’s no need for consumers to panic. Just deal with it the same you deal with any data breach…
Yah. No big deal… handle it like that last breach you suffered through – and, hopefully the next one won’t be any bigger a deal than this one either.
Now, I don’t advocate panicking – I’m all about serious, straight-ahead tackling of problems – establishing empirical measures and solutions, for meritorious outcomes and protections.
But frankly, a rather casual attitude seems to exist here – paired with some good advice, make no mistake – I like it the advice. But, in the realm of risk, unmanaged possibilities become probabilities.
And here, Sony had tipped into the realm of probability: Given the outcome, there can be no argument. Let’s understand this fully for anyone and their position in today’s Weave:
1. Sony was in the realm of risk – we’re all there, particularly if we have any kind of online presence and business. Risk – assumed and beyond: Acknowledged.
2. Sony entered a zone of unmanaged possibilities; again, given the outcome, there can be no argument. The possibilities were engendered by someone who was not surveying the environment adequately, nor putting in place the prudent, forward, security posture and measures necessary. (Note: This is not fault-finding; the “someone” or “someones” may not have been able to survey adequately; may have been inhibited by budget; lack of training; or maybe the appropriate “someone,” department, security posture, etc., was simply missing in action at Sony).
3. As usual, the unmanaged possibility manifested as a probability – and – the probable happened, as it always must – simple odds favor the probable, to the point that an unmanaged probable will always manifest.
Odds favor the probable, and left unattended, the probable will always manifest.
Thus, in the realm of risk, unmanaged possibilities become probabilities.
Survey your domains.
NP: Yardbird Suite, Charlie Parker, www.Jazz24.org – followed by Keep on Gwine, Stanton Moore… all I can say is… wow – each over 13 minutes of fine, fine, fine jazz…