Lockheed Martin and PBS confirmed that they were hacked as the high-profile security breaches are beginning to pile up. Is it time for CEOs to put security on the front burner?
Oh sure, all chief executives say they value security. Security is one of those things you always value. The disconnect comes when there are shabby security practices riding shotgun with intent.
Among the more notable attacks over the last few months:
- Sony was repeatedly attacked so bad the company took down its PlayStation Network for days. Rest assured that Sony's costs will only go higher.
- Epsilon was attacked and your email address went along with the bad guys.
- EMC's RSA unit was attacked and lost data.
- And over the weekend, Lockheed Martin confirmed that it was the subject of a highly sophisticated attack.
Meanwhile, it takes little to get hacktivists wound up. PBS was hacked for a Frontline story on Wikileaks. Yup, that's it.
PBS network, server and database details were compromised. The attackers also noted that Tupac was still alive in New Zealand. PBS News Hour's Twitter feed is full of mea culpas and notes about how it was working to get back up to speed. Through Sunday night a group called LulzSec was having its way with PBS. LulzSec said:
Greetings, Internets. We just finished watching WikiSecrets and were less than impressed. We decided to sail our Lulz Boat over to the PBS servers for further... perusing.
The Wall Street Journal in a report said that corporate executives can't afford to take a passive approach to cybersecurity. Well, it's about time. You could never take a passive approach. Passive companies lose data. However, until boards of directors start firing execs over breaches passive is likely to be the norm.
Here's the larger issue: Few CEOs are well versed in security. They are told the company is secure, but it's not like they can micromanage. Banks, retailers and government contractors know reputations are at stake, but it's time other sectors get with the program too.