I’m Peter Webster, chief executive of Corps Security, and this is where I examine the issues affecting the security industry. My thoughts and opinions are intended to generate debate and whether you agree or disagree with them, you’re welcome to post your comments below.
I wrote in a previous blog that cybersecurity is more than just an IT issue, and that physical security and IT teams must communicate effectively to better understand their respective roles, and ensure business operations are kept safe from harm.
The news that Sony Pictures has cancelled the release of its film The Interview this Christmas after sustained pressure from a hacking collective is particularly shocking, and as I write this the White House has described the security breach as a “serious national security matter.”
Certainly, it’s hard to imagine a more destructive breach of security in terms of damage to the reputation of a business – damage that, in time, may exceed the immediate financial loss that will arise from the film not being shown in cinemas at what is the busiest time of the year for cinema goers.
There are of course also implications for freedom of speech. What does it say when an anonymous collection of hackers (whether operating on their own, sponsored by rogue states, or funded by criminal enterprises), can blackmail a multi-billion dollar organisation and get their own way?
The decision to pull the film from a theatrical release was made on the back of threats made by hackers to the film’s audience, and the combination of cybercrime and physical threat is a particularly unpleasant and, it seems, potent mix. Questions may be asked about Sony Pictures’ reaction to the security breach, and I was heartened to hear President Barack Obama urge US citizens to “go to the movies” and so stand up to what is bullying on a massive scale.
If anything positive is to be taken from this, it may be that the incident marks the moment when things finally changed for the better. A security breach on such a massive scale and with such huge ramifications may mark the moment when organisations of all sizes finally recognise the need to treat security – both digital and physical – with the seriousness it demands.
It could be that the criminal activity that lead to Sony Pictures pulling a blockbuster movie provides the impetus for organisations for all sizes to ensure that they have a fully coordinated and integrated security strategy in place.
And, for those that worry about their cyber security, my previous comments apply, and I make no excuse for repeating them here. There is no ‘one size fits all’ solution to devising a security strategy and each organisation will have its own unique considerations. That’s why using an external specialist security services provider can be highly beneficial, as it will be able to carry out a full threat and risk assessment. This can also contribute to an overall cybersecurity strategy by ensuring that surveillance and access technology, as well as manned guarding, are full optimised to protect IT infrastructure.
As I wrote before, cybersecurity is important but it will only work if the rest of the pieces of the security jigsaw are in place.