A new security strategy for Sony
2011 was a tough year for Sony.
Having been attacked over 20 times by hacktivists going after its websites, the PlayStation Network, its customers’ and company information, the corporation finally did what it should have done way earlier and appointed a CISO in September 2011.
In October, former McAfee CSO Brett Wahlin joined Sony Network Entertainment as its first CSO and has been working on implementing a defense strategy for the division ever since.
It is definitely a tough job. Sony, as most big corporations, has many divisions and even more networks. With hundreds of thousand of employees and millions of customers, attackers have their pick of who to try and target to get access to the company systems.
Wahlin, who immediately after having been appointed to the current post instituted a security operations centre (SOC) manned by HP and Arcsight employees, oversees its functioning and receives reports and information from all the corners of the Sony Entertainment Network.
The ultimate goal of the SOC and the company’s security department is to automate prevention capabilities so that the employees can concentrated on detecting intrusions and responding to them.
In order to do that, Sony will be automating all the process that can be automated, will subject its networks and systems to regular penetration testing and will begin auditing its software code more thoroughly.
Wahlin, who has a pretty solid background in social engineering due to having worked as a counterintelligence agent for the US Army, says that Sony will be modifying its programs to deal less with state-sponsored attacks and more with socially-motivated hackers.
To that end, Sony aims to collect as much data as possible regarding the online behavior of its employees in order to create a pattern. In theory, when the pattern is broken due to malware infection, successful social engineering attempts or any other reason, they will be able to spot that something is wrong and react to the situation almost immediately.
“If we detect unusual activity, it may be that someone’s been owned by a Trojan that we don’t know about, and we can stop data flying out the door,” said Wahlin for SC Magazine.
The same approach will be used for creating patterns for the transactions executed within the PlayStation Network, so that the anti-fraud team can react quickly when they are broken.
Finally, Sony will also concentrate on educating its employees and will attempt to make security a habit.
“Everyone has their own hot buttons, different genders, age groups, ethnic backgrounds, and even job types – they all have a different innate senses of satisfaction that you have to meet in order for staff to see security as valuable,” Wahlin explained the challenge the company faces.