March 4, 2015 —
Congratulations to Professors John Hurley and Mark McGibbon for publishing an excellent article on the Sony hacking case. The direct link to the Federal Computer Week article is http://fcw.com/articles/2015/03/03/comment-sony-hack-lessons.aspx, and it can also be found on the homepage in the "Opinion that Matters" section.
The cyber security hack suffered by Sony Pictures Entertainment late last year was a significant event in terms of that company's reputation, financial concerns and cybersecurity readiness posture. Regardless of the perpetrator(s) behind the cyber breach, Sony revealed to the world how vulnerable it was to a cyber intrusion. This begs the question: What other major organizations could suffer the same type of attack?
There are common-sense steps that any organization can encourage so that employees don't compromise systems' security (more listed in the article):
- Use only updated firewalls and intrusion detection systems (IDS). Password-protect and encrypt all files in storage.
- Encrypt all sensitive emails before sending.
- Overwrite deleted data with a program that truly erases all data placed into the computer’s trash, such as the software programs: CCleaner (Windows), Eraser (Windows) or Secure Empty Trash (Apple)
The authors state that technology alone can't secure a large organization's systems. Employee behavior is key. Please visit the link to view the entire article.
About the authors:
J. S. Hurley, Ph.D. (EE) is currently a faculty member at the National Defense University Information Resources Management College (NDU iCollege). Dr. Hurley served previously as Senior Manager, Distributed Computing in the Networked Systems Division, The Boeing Company, Bellevue, WA. Dr. Hurley was Professor of Electrical Engineering and Director of three research centers (Scalable and Embedded Applications Center, Materials Processing Assessment and Characterization Center, and Avalon Scalable Embedded Computing Center) and Co-Director, Army Center of Excellence in Electronic Sensors and Combat at Clark Atlanta University, in Atlanta, GA.
H. Mark McGibbon, Ph.D., D.B.A. serves as the Lockheed Martin Visiting Chair at the National Defense University Information Resources Management College (NDU iCollege). He has also served as a visiting and adjunct professor at several U.S. and European universities at the undergraduate, graduate and doctoral levels. Dr. McGibbon holds a Ph.D. in Business Administration, Doctorate in Business Administration (D.B.A.), M.S. in Information Technology, M.S. in Strategic Leadership, 16 Master’s Certificates in multiple CXO disciplines, an online teaching certificate, and a B.S. in U.S. pre-Law. He is a graduate of the Harvard University Senior Executive Fellows (SEF) Program.