and then … and then

The Sony hack just keeps on giving.

Initially, we heard about internal emails and employee information, like salaries and 47,000 social security numbers. And upcoming movie scripts.  And of course all the juicy gossip and unfortunate statements about Angelina and Barack.  Several law suits followed.  The good news is The Interview did well.

“Sony Emails Show China Ties,” Wall Street Journal, January 10-11, 2015 B1. Emails demonstrate on ongoing internal investigation, complete with law firm opinions, about potential bribes in connection with business in China.

Some lessons:

  1. Protect the perimeter
  2. Protect the stuff inside the perimeter (i.e., encrypt it)
  3. Don’t write stupid stuff; how would it look above the fold on the Wall Street Journal or Variety?
  4. To maintain privilege, watch where and how you communicate with your lawyers.
  5. The breach is just the beginning.


Leave a comment

Filed under Board, Business Case, Controls, Duty of Care, Interconnections, Internal controls, IT, Legal, Oversight, Oversight, Privacy, Privilege, Protect, Protect assets, Protect information assets, Risk, Security, Third parties

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s