Cybersecurity Essay Sample: Case Study of Sony Entertainment Pictures

In 2014, Sony Entertainment Pictures was hacked by a group called Guardians of Peace (GOP). The hacked information included Sony films and information of their employees. FBI information provided leads that malware information did the hacking. Other evidence pointed out to Sony staff, some who had information regarding the passwords, and other information pointing to sympathizers of people who pirate Sony pictures.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

The above situation is a nature of cyber-tech crime. Cyber-tech involves protecting business information in digital form against theft or misuse. Companies need to protect themselves against the threat by criminals and sometimes employees who release such delicate information to outsiders. At the face of the Sony Pictures threat, the role of the CEO was to adopt cybersecurity approaches which are all-inclusive and involve other senior executives in a company so as to protect critical information without jeopardizing business innovation. In the Sony Pictures scenario, the breach occurred during a transition between security officers and chief information. Therefore, it is key that everyone was involved, and defined responsibilities existed in Sony pictures, that way it would have been easier to determine where the leak occurred.

Many companies should always be prepared to be hacked. They should prepare for the worst, and fill the gaps as soon as they are discovered. It is also important to examine all the available avenues while utilizing all the security features available. With the acceleration of cyber technology, companies need to make a quick move to keep up by making decisions which prevent systems from being hacked. Forbes estimates that at least a value of 21 trillion is at risk of if companies cannot adequately combat cybersecurity. In the new technological era, it is crucial that a company's internet security can counter threats of cyber-tech nature. Such transformation also requires smart leadership. Smart leadership in the above scenario could include defense in depth to ensure that security is secured around all areas of operation. Also, the management would have made sure that at every interconnection of systems and networks is secured. Sony pictures would have also put make employees responsible in case any information leaked; through non-disclosure agreements or liability clauses in the event of a breach. It is estimated that devices which will be connected will grow to 50 billion by 2020. With these developments, cyber-attacks are becoming more complex thus the risk to companies are increasing.

Upon interviewing the Director of Security of Sony Pictures, Jason Spaltro, after the systems were hacked, dismissed the security concerns as weak passwords. These statements were negligent considering the size of Sony pictures, and if Spaltro were competent and motivated, he would find solutions to put in place adequate security plans. In the Sony Pictures scenario, the business and leadership needed to work together to find solutions to potential risks while protecting intellectual property. The director failed to recognize that security is not an I.T problem, but a business priority in keeping the organization on top. The CEO should have been well conversant with measures put in place to control cyber security and put a plan in place in case of breach of Company's security system.

The role of a leader, such as the Director of Security in Sony was to resolve conflicts while ensuring that there is cooperation between the team and the manager. For an ineffective team development, it is important that any manager understands their role. If a leader can correctly perform their job, the team will be efficient, and the team becomes very productive. In the above scenario, there was no teamwork as other employees allegedly opted to leak crucial information leading to significant losses by the company. To resolve conflicts, a manager should facilitate team development. Conflict can be damaging to the efficiency and the success and development of the team. The leader should be able to determine when conflicts arise, and when to step in to resolve such conflicts.

Risk assessment is an important first step in the prevention of Cybercrimes. This evaluation analyses the exposure of the systems and the potential for exposure of an organization. Risk assessment involves analyzing different policies dealing with Cybercrimes. Standard security measures are then put in place to protect the company's communication technology and information. Also, in risk assessment, additional functions are disabled to keep security pitches up to date. The advantages of risk assessment are that assessment of risks involves the use of antiviruses thus the blockage of malware. Risk assessment protects the system from vulnerabilities. The assessment also ensures different devices are in compliance with the company's security standards. Risk assessment promotes the control of media import and export, hence protecting the organization from possible leakages. Also, assessment of vulnerabilities ensures that policies are applied internally, and perhaps incorporated into the employment terms and conditions. Risk assessments prepare for the breach, thus eventually reduces the costs of dealing with financial losses, and reduces the possible damage to an organization's reputation. Effective risk evaluations and plans look proactively into potential problems, thus making it easier to deal with cyber tech problems when they occur. Importantly, in the event of an incident, protection in the country's policy may protect disclosure of information which may be detrimental to the customers. Performing penetration tests using White Hat hackers can be helpful in testing and by preventing sophisticated attacks. They identify any weak points and help in sealing such loopholes effectively.

Remedial principles and practices an Organization can adopt for better outcomes

The type of leadership creating appropriate conditions for such a scenario where Cyber tech is involved is participative leadership. This kind of leadership promotes teamwork. In this kind of leadership, everyone has a role in their respective departments, with each department overseeing particular type of processes in the organization. Different managers will have various aspects of organizational projects assigned to them. In this scenario, some teams could be involved in specialization in hacking, and monitoring while others are in charge of making reforms to prevent cyber-crimes from occurring. Other teams can keep up with the developments in the area while looking for ways to upgrade the systems in the Organization. This type of leadership is appropriate because it promotes creativity and productivity within the respective teams. In Cyber tech, and the challenges that come with cyber security, Creativity is essential in protecting an organizational information and intellectual property. In any team, the leaders should be aware of their leadership skills and styles. Leaders should also build teams that last long by mastering the art of people. This involves knowing how they think while knowing how to motivate them so as to excel.

The company should also ensure that it is always keeping up with new technologies. This ensures that they put in place strategies and to protect the company against any risks that come with new technology. Any organization should elevate the role that Information technology plays in an organization, it is important that it is not viewed just as technology. The organizations can adopt emphasized focus on information technology, intellectual property, financial data and records of employees. Security should be considered a strategic issue, and security leaders should link security and the organizational goals. The Organization should constantly test their systems keeping in mind that criminals continue to advance innovating new techniques every day. An organization should be proactive as opposed to being reactive in trying to avoid cybercrimes. When it comes to revealing information, the company needs to take a sustained approach and reveal crucial information to only specific people. Network security should be tightened by frequently changing passwords, using strong passwords and avoid writing them down, logins should expire after a short duration of period when the account is dormant and each time devices are plugged, they are scanned for malware. Administration pages can also be hidden while security applications can be used to protect information.

Conclusion

In conclusion, the right level of preparation can be crucial in preparing for cyber breaches and recovering from such breaches when they occur. Cybersecurity is one of the most important and urgent matter to be dealt with in any company of a cyber tech nature. Criminals have always targeted computer networks. This means that in future, the risks will only increase, hence the need for appropriate measures to prevent a breach. However, many options exist for organizations concerning the sensible precautions they can put in place to prevent cyber breach consequences.