Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Sony Breach Could Be Down To Poor Data Infrastructure Insight

LogRhythm : 06 May, 2011  (Technical Article)
LogRhythm comments on the data breaches at Sony believing that the electronics giant had a poor grasp on data logging resulting in data being copied without the company knowing
Sony Breach Could Be Down To Poor Data Infrastructure Insight

Sony’s lack of insight into its own infrastructure has been highlighted yet again by the news that an additional 25 million customers have had their personal details stolen. It has been revealed that users of the Sony Online Entertainment (SOE) PC games network had their personal details taken before the PlayStation Network (PSN) incident last week.


Ross Brewer, vice president and managing director for international markets, LogRhythm, has made the following comments: “This second Sony hack suggests the company doesn’t really understand what’s happening within its network. For the 25 million additional customers whose private information has been compromised, this lack of visibility will seem totally unacceptable, especially when you consider this incident occurred the day before the PSN breach, yet it has taken Sony an additional week to alert SOE users to the threat they now face.


“Reports state that Sony had initially thought that SOE customer data had not been copied, indicating that the data logging and forensic analysis capabilities required to protect digital assets are not in place. Data logs generated by every IT interaction, however small, provide a digital fingerprint that can be used to develop a much better understanding of normal IT operating procedure. In addition, they allow aberrant activity to be identified and dealt with greater ease and efficiency.


“As the volume of attacks grows so do their complexity. With talk of Advanced Persistent Threats (APT) increasing, organisations now require deeper insight than ever into their IT estate. Automated, centralised solutions are essential to effectively analyse data from across networks. By providing complete visibility of the IT estate, these systems correlate events so that complicated and unknown threats can be exposed by the anomalous behaviour that APTs are not capable of hiding.”

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo