The Security Detail

Apr 30 2011   8:33PM GMT

What Sony Doesn’t Know Might Hurt You



Posted by: Tony Bradley
Tags:
data breach
network forensics
PSN
Solera Networks
Sony Playstation Network

Details are still a bit sketchy on the Sony Playstation Network data breach. At this point, it is stil hard to tell if Sony is not sharing details because it is trying to cover something up, or because an investigation is pending and it doesn’t want to give away what it knows, or because it simply has no clue.

Peter Schlampp, VP of Product Management for Solera Networks, commented, “Sony advised customers to be vigilant in keeping an eye on their credit card statements. If Sony had clear details of which customers had been affected by the attack, they would be able to work directly with them. Not knowing the details means that Sony now has to assume that all 77 million accounts were affected. In reality, it may have been fewer than a million, maybe only a few thousand. In fact, it could have been only 10.”

 

Schlampp added that without decent logging and network forensics, Sony may simply not know what was breached, or how, or when. Organizations need to proactively put network fornsics tools in place. After a data breach, it’s too late. 

 

He summed up with, “Every organization should be waking up to the fact that we are in a new threat environment, and the methods and technologies needed to secure our networks have changed.” 

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: