SlideShare a Scribd company logo

Data breach at sony

Download as PPTX, PDF
BlueBit Technologies
BlueBit Technologies

Data breach at sony

Technology
1 of 16
SONY CORPORATION Presented by: Ankita Dalvi Nikhil Jain Sandip Gelani Zeyu Huang
INTRODUCTION  Sony Corporation is a Japanese multinational conglomerate corporation headquartered in Tokyo, Japan.  Its business is primarily focused on electronics, game, entertainment and financial service sectors.  One of the leading manufacturers of electronic products for the consumer and professional markets.
SONY - PLAYSTATION  The PlayStation is a series of video game consoles developed with consoles in 5th, 6th, 7th and 8th generation.  Consists of 3 core home consoles, media center, an online service, a line of controllers, 2 handhelds and a phone as well as magazines.  The first console in series, the PlayStation, shipped 100 million units in 9.5 years.  Other series of PlayStation are – PlayStation Portable (PSP), PlayStation 2, PlayStation Vita.  The PlayStation Network is an online service with over 69 million users worldwide.  Comprises of virtual market and the PlayStation Store.  Social gaming networking service called PlayStation
PlayStation NETWORK OUTAGE  The PlayStation Network outage was a result of an “external intrusion” on Sony’s PlayStation Network and Qriocity services.  Personal details from approximately 77 million accounts were stolen and prevented by PlayStation 3 and PSP consoles.  Attack occurred on 17th and 19th April, 2011  One of the largest security breaches in history.
SECURITY AND CONTOL WEAKNESSES AT SONY  Issues with Apache web server software.  To save time and money, they did not use encryption on individual files.  Lack of security  Careless and unwillingness to spend resources on expensive security measures.
WHAT PEOPLE, ORGANIZATIONAL AND TECHNOLOGICAL FACTORS CONTRIBUTE TO THESE PROBLEMS ?  Unwillingness to spend money  Lack of training  Non-existent procedures and outdated software
SONY – NOT THE ONLY CORPORATION TO FACE DATA BREACH Tricare, Nemours, Epsilon, WordPress, Sony, HB Gary, TripAdvisor, Citigroup, NASA, Lockheed Martin and RSA Security are also victims of data brech. Company Name Number of Customers Date Heatland Payment Systems 130 Million January 20, 2009 Sony Corporation 102 Million April 26, 2011 - June 04,2011 TJX Companies 94 Million January 17, 2007 TRW 90 Million June 1, 1984 Card Systems 40 Million June 9, 2005 US Dept. of Veterans Affairs 26 Million May 22, 2006 Bank of New York 12 Million Sep 6, 2008
IMPACT OF DATA INFILTRATION ON THE COMPANY Company anticipated the cost of this data breach more than $ 170 Million plus associated legal cost. On 24th January, 2013, The UK's Information Commissioner's Office (ICO) announced that they'll be assessing a penalty of £250,000 on Sony. In the Canadian lawsuit against Sony USA, Canada and Japan claimed damages up to Canadian $ 1 billion including free credit monitoring and identity theft insurance. It took Sony four weeks just to restore PlayStation service that too partially! Moreover, company’s loss of brand image and market value.
IMPACT OF DATA INFILTRATION ON CUSTOMERS Personal information of about 77 million users were stolen. Theft of credit card information of 12 million users. Hence, customers lost their trust in the company, which is huge loss for any company.
STEPS TAKEN BY SONY TO MAKE A COME BACK Company announced “Welcome Back” program, which offered its current member a 30 days of free membership. Additionally, it offered free games and privacy protections (“All Clear Id Plus”) at its own expense.
SOLUTIONS TO PREVENT THESE PROBLEMS • Prevent the intentional or unintentional disclosure of sensitive data at rest, in use or in motion to unauthorized parties • Maintain adequate security and provide usability • Protect customer data and brand reputation • Protect personally identifiable information and intellectual property
 Firewalls  Intrusion detection systems  Antivirus software  Encryption TOOLS AND TECHNOLOGIES
TOOLS AND TECHNOLOGIES  Endpoint security: Restrict access to local admin functions. Prevent malicious software, viruses, spyware, etc  Host encryption: Ensure disks and data are encrypted on all servers, workstations, laptops and mobile devices  Upgrade software: Upgrade the software to latest version.
TOOLS AND TECHNOLOGIES  Network monitoring: Log and monitor network traffic to identifying and investigate inappropriate sensitive data transfers  Access/usage monitoring: Monitor access and usage of high-risk data to identify potentially inappropriate usage  Export/save control: Restrict user abilities to copy sensitive data into unapproved containers (e.g., email, web browsers)
THANK YOU!

Recommended

Sony Playstation Hack Presentation
Sony Playstation Hack PresentationSony Playstation Hack Presentation
Sony Playstation Hack PresentationCreditCardFinder
 
Sony Hacking Presentation
Sony Hacking PresentationSony Hacking Presentation
Sony Hacking PresentationLauren Greenberg
 
Attack on Sony
Attack on SonyAttack on Sony
Attack on SonyNick Bilogorskiy
 
Data Security Breach: The Sony & Staples Story
Data Security Breach: The Sony & Staples StoryData Security Breach: The Sony & Staples Story
Data Security Breach: The Sony & Staples StoryInternational Institute for Learning
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingDaniel P Wallace
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security AwarenessRamiro Cid
 
Data breach
Data breachData breach
Data breachBurhan Ahmed
 
What is Hacking? AND Types of Hackers
What is Hacking? AND Types of HackersWhat is Hacking? AND Types of Hackers
What is Hacking? AND Types of Hackersinfosavvy
 

Recommended

Sony Playstation Hack Presentation
Sony Playstation Hack PresentationSony Playstation Hack Presentation
Sony Playstation Hack PresentationCreditCardFinder
 
Sony Hacking Presentation
Sony Hacking PresentationSony Hacking Presentation
Sony Hacking PresentationLauren Greenberg
 
Attack on Sony
Attack on SonyAttack on Sony
Attack on SonyNick Bilogorskiy
 
Data Security Breach: The Sony & Staples Story
Data Security Breach: The Sony & Staples StoryData Security Breach: The Sony & Staples Story
Data Security Breach: The Sony & Staples StoryInternational Institute for Learning
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingDaniel P Wallace
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security AwarenessRamiro Cid
 
Data breach
Data breachData breach
Data breachBurhan Ahmed
 
What is Hacking? AND Types of Hackers
What is Hacking? AND Types of HackersWhat is Hacking? AND Types of Hackers
What is Hacking? AND Types of Hackersinfosavvy
 
SentinelOne - NOAH19 Tel Aviv
SentinelOne - NOAH19 Tel AvivSentinelOne - NOAH19 Tel Aviv
SentinelOne - NOAH19 Tel AvivNOAH Advisors
 
Information security awareness
Information security awarenessInformation security awareness
Information security awarenessCAS
 
Equifax Breach - Lessons - Cyber Rescue - 16th may 2018
Equifax Breach - Lessons - Cyber Rescue - 16th may 2018Equifax Breach - Lessons - Cyber Rescue - 16th may 2018
Equifax Breach - Lessons - Cyber Rescue - 16th may 2018Kevin Duffey
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
 
Mobile Hacking
Mobile HackingMobile Hacking
Mobile HackingNovizul Evendi
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device SecurityNemwos
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securitySharath Raj
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorismSavigya Singh
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeAung Thu Rha Hein
 
Understanding the Cyber Security Vendor Landscape
Understanding the Cyber Security Vendor LandscapeUnderstanding the Cyber Security Vendor Landscape
Understanding the Cyber Security Vendor LandscapeSounil Yu
 
Social media and Security risks
Social media and Security risksSocial media and Security risks
Social media and Security risksParakum Pathirana
 
Security awareness
Security awarenessSecurity awareness
Security awarenessJosh Chandler
 
Anti-Forensics: Real world identification, analysis and prevention
Anti-Forensics: Real world identification, analysis and preventionAnti-Forensics: Real world identification, analysis and prevention
Anti-Forensics: Real world identification, analysis and preventionSeccuris Inc.
 
CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1ShivamSharma909
 
Android Hacking + Pentesting
Android Hacking + Pentesting Android Hacking + Pentesting
Android Hacking + Pentesting Sina Manavi
 
Target Breach Analysis
Target Breach AnalysisTarget Breach Analysis
Target Breach AnalysisTal Be'ery
 
Amenazas avanzadas persistentes
Amenazas avanzadas persistentesAmenazas avanzadas persistentes
Amenazas avanzadas persistentesSecpro - Security Professionals
 
Penetration testing
Penetration testingPenetration testing
Penetration testingAmmar WK
 
Cyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightCyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightHostway|HOSTING
 
SANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
SANS Purple Team Summit 2021: Active Directory Purple Team PlaybooksSANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
SANS Purple Team Summit 2021: Active Directory Purple Team PlaybooksMauricio Velazco
 
Online Security Breach Compromises 77 Million Client Accounts
Online Security Breach Compromises 77 Million Client AccountsOnline Security Breach Compromises 77 Million Client Accounts
Online Security Breach Compromises 77 Million Client Accountscorelink11
 
Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.
Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.
Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.Cyphort
 

More Related Content

What's hot

SentinelOne - NOAH19 Tel Aviv
SentinelOne - NOAH19 Tel AvivSentinelOne - NOAH19 Tel Aviv
SentinelOne - NOAH19 Tel AvivNOAH Advisors
 
Information security awareness
Information security awarenessInformation security awareness
Information security awarenessCAS
 
Equifax Breach - Lessons - Cyber Rescue - 16th may 2018
Equifax Breach - Lessons - Cyber Rescue - 16th may 2018Equifax Breach - Lessons - Cyber Rescue - 16th may 2018
Equifax Breach - Lessons - Cyber Rescue - 16th may 2018Kevin Duffey
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device SecurityNemwos
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securitySharath Raj
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeAung Thu Rha Hein
 
Understanding the Cyber Security Vendor Landscape
Understanding the Cyber Security Vendor LandscapeUnderstanding the Cyber Security Vendor Landscape
Understanding the Cyber Security Vendor LandscapeSounil Yu
 
Social media and Security risks
Social media and Security risksSocial media and Security risks
Social media and Security risksParakum Pathirana
 
Anti-Forensics: Real world identification, analysis and prevention
Anti-Forensics: Real world identification, analysis and preventionAnti-Forensics: Real world identification, analysis and prevention
Anti-Forensics: Real world identification, analysis and preventionSeccuris Inc.
 
CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1ShivamSharma909
 
Android Hacking + Pentesting
Android Hacking + Pentesting Android Hacking + Pentesting
Android Hacking + Pentesting Sina Manavi
 
Target Breach Analysis
Target Breach AnalysisTarget Breach Analysis
Target Breach AnalysisTal Be'ery
 
Penetration testing
Penetration testingPenetration testing
Penetration testingAmmar WK
 
Cyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightCyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightHostway|HOSTING
 
SANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
SANS Purple Team Summit 2021: Active Directory Purple Team PlaybooksSANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
SANS Purple Team Summit 2021: Active Directory Purple Team PlaybooksMauricio Velazco
 

What's hot (20)

SentinelOne - NOAH19 Tel Aviv
SentinelOne - NOAH19 Tel AvivSentinelOne - NOAH19 Tel Aviv
SentinelOne - NOAH19 Tel Aviv
 
Information security awareness
Information security awarenessInformation security awareness
Information security awareness
 
Equifax Breach - Lessons - Cyber Rescue - 16th may 2018
Equifax Breach - Lessons - Cyber Rescue - 16th may 2018Equifax Breach - Lessons - Cyber Rescue - 16th may 2018
Equifax Breach - Lessons - Cyber Rescue - 16th may 2018
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
 
Mobile Hacking
Mobile HackingMobile Hacking
Mobile Hacking
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
 
Digital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research ChallengeDigital Forensic: Brief Intro & Research Challenge
Digital Forensic: Brief Intro & Research Challenge
 
Understanding the Cyber Security Vendor Landscape
Understanding the Cyber Security Vendor LandscapeUnderstanding the Cyber Security Vendor Landscape
Understanding the Cyber Security Vendor Landscape
 
Social media and Security risks
Social media and Security risksSocial media and Security risks
Social media and Security risks
 
Security awareness
Security awarenessSecurity awareness
Security awareness
 
Anti-Forensics: Real world identification, analysis and prevention
Anti-Forensics: Real world identification, analysis and preventionAnti-Forensics: Real world identification, analysis and prevention
Anti-Forensics: Real world identification, analysis and prevention
 
CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1CompTIA Security+ SY0-601 Domain 1
CompTIA Security+ SY0-601 Domain 1
 
Android Hacking + Pentesting
Android Hacking + Pentesting Android Hacking + Pentesting
Android Hacking + Pentesting
 
Target Breach Analysis
Target Breach AnalysisTarget Breach Analysis
Target Breach Analysis
 
Amenazas avanzadas persistentes
Amenazas avanzadas persistentesAmenazas avanzadas persistentes
Amenazas avanzadas persistentes
 
Penetration testing
Penetration testingPenetration testing
Penetration testing
 
Cyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightCyber Threat Hunting with Phirelight
Cyber Threat Hunting with Phirelight
 
SANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
SANS Purple Team Summit 2021: Active Directory Purple Team PlaybooksSANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
SANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
 

Viewers also liked

Online Security Breach Compromises 77 Million Client Accounts
Online Security Breach Compromises 77 Million Client AccountsOnline Security Breach Compromises 77 Million Client Accounts
Online Security Breach Compromises 77 Million Client Accountscorelink11
 
Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.
Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.
Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.Cyphort
 
Porter's five forces model and porter's value chain - Sony
Porter's five forces model and porter's value chain - SonyPorter's five forces model and porter's value chain - Sony
Porter's five forces model and porter's value chain - Sonyell_suhaily
 
Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Imperva
 

Viewers also liked (10)

Online Security Breach Compromises 77 Million Client Accounts
Online Security Breach Compromises 77 Million Client AccountsOnline Security Breach Compromises 77 Million Client Accounts
Online Security Breach Compromises 77 Million Client Accounts
 
Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.
Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.
Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.
 
True Cost of Data Breaches
True Cost of Data BreachesTrue Cost of Data Breaches
True Cost of Data Breaches
 
SONY
SONYSONY
SONY
 
Sony
SonySony
Sony
 
Sony Corporation:
Sony Corporation:Sony Corporation:
Sony Corporation:
 
sony
sonysony
sony
 
Porter's five forces model and porter's value chain - Sony
Porter's five forces model and porter's value chain - SonyPorter's five forces model and porter's value chain - Sony
Porter's five forces model and porter's value chain - Sony
 
Sony case study
Sony case studySony case study
Sony case study
 
Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016
 

Similar to Data breach at sony

(Sony) Risk assignment final high profile security breach of Sony’s Playstat...
(Sony) Risk assignment final high profile security breach of Sony’s Playstat... (Sony) Risk assignment final high profile security breach of Sony’s Playstat...
(Sony) Risk assignment final high profile security breach of Sony’s Playstat...James Dellinger
 
Cryptsonic pitch deck
Cryptsonic pitch deckCryptsonic pitch deck
Cryptsonic pitch deckSeiji Eto
 
21 Cybersecurity Companies You Need to Know.pptx
21 Cybersecurity Companies You Need to Know.pptx21 Cybersecurity Companies You Need to Know.pptx
21 Cybersecurity Companies You Need to Know.pptxSonaliG6
 
Fundamentals of information systems security ( pdf drive ) chapter 1
Fundamentals of information systems security ( pdf drive ) chapter 1Fundamentals of information systems security ( pdf drive ) chapter 1
Fundamentals of information systems security ( pdf drive ) chapter 1newbie2019
 
One page business summary - cryptsonic technologies incorporated
One page business summary - cryptsonic technologies incorporatedOne page business summary - cryptsonic technologies incorporated
One page business summary - cryptsonic technologies incorporatedSeiji Eto
 
Ernst & Young : Intellectual property in a digital world
Ernst & Young : Intellectual property in a digital worldErnst & Young : Intellectual property in a digital world
Ernst & Young : Intellectual property in a digital worldforumdavignon
 
The Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage DevicesThe Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage DevicesGFI Software
 
CORPORATE ESPIONAGE "How Really Safe Are Your Secrets" presented by Argus Int...
CORPORATE ESPIONAGE "How Really Safe Are Your Secrets" presented by Argus Int...CORPORATE ESPIONAGE "How Really Safe Are Your Secrets" presented by Argus Int...
CORPORATE ESPIONAGE "How Really Safe Are Your Secrets" presented by Argus Int...jsnyder40
 
Bitidentify Security Technology
Bitidentify Security TechnologyBitidentify Security Technology
Bitidentify Security TechnologyKlaus Drosch
 
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
2014 GRC Conference in West Palm Beach-Moderated by Sonia LunaAviva Spectrum™
 
Indian perspective of cyber security
Indian perspective of cyber securityIndian perspective of cyber security
Indian perspective of cyber securityAurobindo Nayak
 
DSS Company Presentation November 2015
DSS Company Presentation November 2015DSS Company Presentation November 2015
DSS Company Presentation November 2015Company Spotlight
 
Outsource Customer Support Services for Gaming Industry
Outsource Customer Support Services for Gaming IndustryOutsource Customer Support Services for Gaming Industry
Outsource Customer Support Services for Gaming IndustrySanjay K
 

Similar to Data breach at sony (20)

(Sony) Risk assignment final high profile security breach of Sony’s Playstat...
(Sony) Risk assignment final high profile security breach of Sony’s Playstat... (Sony) Risk assignment final high profile security breach of Sony’s Playstat...
(Sony) Risk assignment final high profile security breach of Sony’s Playstat...
 
Cryptsonic pitch deck
Cryptsonic pitch deckCryptsonic pitch deck
Cryptsonic pitch deck
 
Technology specialist
Technology specialistTechnology specialist
Technology specialist
 
21 Cybersecurity Companies You Need to Know.pptx
21 Cybersecurity Companies You Need to Know.pptx21 Cybersecurity Companies You Need to Know.pptx
21 Cybersecurity Companies You Need to Know.pptx
 
Fundamentals of information systems security ( pdf drive ) chapter 1
Fundamentals of information systems security ( pdf drive ) chapter 1Fundamentals of information systems security ( pdf drive ) chapter 1
Fundamentals of information systems security ( pdf drive ) chapter 1
 
One page business summary - cryptsonic technologies incorporated
One page business summary - cryptsonic technologies incorporatedOne page business summary - cryptsonic technologies incorporated
One page business summary - cryptsonic technologies incorporated
 
Secure your Space: The Internet of Things
Secure your Space: The Internet of ThingsSecure your Space: The Internet of Things
Secure your Space: The Internet of Things
 
Ernst & Young : Intellectual property in a digital world
Ernst & Young : Intellectual property in a digital worldErnst & Young : Intellectual property in a digital world
Ernst & Young : Intellectual property in a digital world
 
The Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage DevicesThe Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage Devices
 
CORPORATE ESPIONAGE "How Really Safe Are Your Secrets" presented by Argus Int...
CORPORATE ESPIONAGE "How Really Safe Are Your Secrets" presented by Argus Int...CORPORATE ESPIONAGE "How Really Safe Are Your Secrets" presented by Argus Int...
CORPORATE ESPIONAGE "How Really Safe Are Your Secrets" presented by Argus Int...
 
Bitidentify Security Technology
Bitidentify Security TechnologyBitidentify Security Technology
Bitidentify Security Technology
 
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
 
Indian perspective of cyber security
Indian perspective of cyber securityIndian perspective of cyber security
Indian perspective of cyber security
 
DSS Company Presentation November 2015
DSS Company Presentation November 2015DSS Company Presentation November 2015
DSS Company Presentation November 2015
 
Attack on Sony
Attack on SonyAttack on Sony
Attack on Sony
 
DSS - Investor Presentation
DSS - Investor PresentationDSS - Investor Presentation
DSS - Investor Presentation
 
Tt 06-ck
Tt 06-ckTt 06-ck
Tt 06-ck
 
Insights success the 10 best performing cyber security solution providers 4th...
Insights success the 10 best performing cyber security solution providers 4th...Insights success the 10 best performing cyber security solution providers 4th...
Insights success the 10 best performing cyber security solution providers 4th...
 
ITrust Company Overview EN
ITrust Company Overview ENITrust Company Overview EN
ITrust Company Overview EN
 
Outsource Customer Support Services for Gaming Industry
Outsource Customer Support Services for Gaming IndustryOutsource Customer Support Services for Gaming Industry
Outsource Customer Support Services for Gaming Industry
 

Recently uploaded

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 

Recently uploaded (20)

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 

Data breach at sony

  • 1.
  • 2. SONY CORPORATION Presented by: Ankita Dalvi Nikhil Jain Sandip Gelani Zeyu Huang
  • 3. INTRODUCTION  Sony Corporation is a Japanese multinational conglomerate corporation headquartered in Tokyo, Japan.  Its business is primarily focused on electronics, game, entertainment and financial service sectors.  One of the leading manufacturers of electronic products for the consumer and professional markets.
  • 4. SONY - PLAYSTATION  The PlayStation is a series of video game consoles developed with consoles in 5th, 6th, 7th and 8th generation.  Consists of 3 core home consoles, media center, an online service, a line of controllers, 2 handhelds and a phone as well as magazines.  The first console in series, the PlayStation, shipped 100 million units in 9.5 years.  Other series of PlayStation are – PlayStation Portable (PSP), PlayStation 2, PlayStation Vita.  The PlayStation Network is an online service with over 69 million users worldwide.  Comprises of virtual market and the PlayStation Store.  Social gaming networking service called PlayStation
  • 5. PlayStation NETWORK OUTAGE  The PlayStation Network outage was a result of an “external intrusion” on Sony’s PlayStation Network and Qriocity services.  Personal details from approximately 77 million accounts were stolen and prevented by PlayStation 3 and PSP consoles.  Attack occurred on 17th and 19th April, 2011  One of the largest security breaches in history.
  • 6. SECURITY AND CONTOL WEAKNESSES AT SONY  Issues with Apache web server software.  To save time and money, they did not use encryption on individual files.  Lack of security  Careless and unwillingness to spend resources on expensive security measures.
  • 7. WHAT PEOPLE, ORGANIZATIONAL AND TECHNOLOGICAL FACTORS CONTRIBUTE TO THESE PROBLEMS ?  Unwillingness to spend money  Lack of training  Non-existent procedures and outdated software
  • 8. SONY – NOT THE ONLY CORPORATION TO FACE DATA BREACH Tricare, Nemours, Epsilon, WordPress, Sony, HB Gary, TripAdvisor, Citigroup, NASA, Lockheed Martin and RSA Security are also victims of data brech. Company Name Number of Customers Date Heatland Payment Systems 130 Million January 20, 2009 Sony Corporation 102 Million April 26, 2011 - June 04,2011 TJX Companies 94 Million January 17, 2007 TRW 90 Million June 1, 1984 Card Systems 40 Million June 9, 2005 US Dept. of Veterans Affairs 26 Million May 22, 2006 Bank of New York 12 Million Sep 6, 2008
  • 9. IMPACT OF DATA INFILTRATION ON THE COMPANY Company anticipated the cost of this data breach more than $ 170 Million plus associated legal cost. On 24th January, 2013, The UK's Information Commissioner's Office (ICO) announced that they'll be assessing a penalty of £250,000 on Sony. In the Canadian lawsuit against Sony USA, Canada and Japan claimed damages up to Canadian $ 1 billion including free credit monitoring and identity theft insurance. It took Sony four weeks just to restore PlayStation service that too partially! Moreover, company’s loss of brand image and market value.
  • 10. IMPACT OF DATA INFILTRATION ON CUSTOMERS Personal information of about 77 million users were stolen. Theft of credit card information of 12 million users. Hence, customers lost their trust in the company, which is huge loss for any company.
  • 11. STEPS TAKEN BY SONY TO MAKE A COME BACK Company announced “Welcome Back” program, which offered its current member a 30 days of free membership. Additionally, it offered free games and privacy protections (“All Clear Id Plus”) at its own expense.
  • 12. SOLUTIONS TO PREVENT THESE PROBLEMS • Prevent the intentional or unintentional disclosure of sensitive data at rest, in use or in motion to unauthorized parties • Maintain adequate security and provide usability • Protect customer data and brand reputation • Protect personally identifiable information and intellectual property
  • 13.  Firewalls  Intrusion detection systems  Antivirus software  Encryption TOOLS AND TECHNOLOGIES
  • 14. TOOLS AND TECHNOLOGIES  Endpoint security: Restrict access to local admin functions. Prevent malicious software, viruses, spyware, etc  Host encryption: Ensure disks and data are encrypted on all servers, workstations, laptops and mobile devices  Upgrade software: Upgrade the software to latest version.
  • 15. TOOLS AND TECHNOLOGIES  Network monitoring: Log and monitor network traffic to identifying and investigate inappropriate sensitive data transfers  Access/usage monitoring: Monitor access and usage of high-risk data to identify potentially inappropriate usage  Export/save control: Restrict user abilities to copy sensitive data into unapproved containers (e.g., email, web browsers)