A closer look at what happened to Sony suggests that the nature of the recent cyber breach was more serious than first thought. As the story continues to unfold, we may find out that the North Koreans are not the true hackers. However, regardless of the origin of the perpetrators, it is clear that the incident should serve as a wake-up call for board members and CEOs.
In a recent attempt to survey 580 CEOs about security, we received a response rate of less than 1 percent. Today, thanks to the impact of Sony’s cyber attack, we believe that number would be much higher.
While Sony’s breach spawned the broadcast of an embarrassing amount of sensitive data, it also shut down the company’s computers and put the company in limbo for several days. Sony tried to continue with manual systems but simply couldn’t keep up. Even worse, it was unable to pay actors, suppliers and employees. Sony had to suspend operations until the company could rebuild the computer systems and networks.
Known as “Destover,” this class of malicious software (“malware”) is dangerous because it disrupts computer and company operations by first copying data and then erasing the “Master Boot Record,” disabling the computer storage. Similar disruptions occurred in 2012 at Saudi Aramco, where 30,000 terminals were shut down by the Shamoon virus, and in Iran in 2009, where the Stuxnet worm destroyed a thousand centrifuges.
To create further damage, the hackers posted online several unreleased films that undoubtedly cost millions in production expenses. Plus, they exposed thousands of sensitive and embarrassing emails, movie scripts, HR data, salaries, legal reports, passwords and the personal information of hundreds of employees and actors.
The Sony experience comes on the heels of a recent breach at JPMorgan. In June 2014, hackers stole an employee’s password and deposited malware on the company’s servers. Over several months, they eluded the company’s sophisticated alarms by extracting a huge amount of data very slowly.
While one cannot address all security risks, there are things CEOs can do to mitigate the risk of a breach. The answer lies in analyzing all areas of vulnerability and consciously deciding what to protect—and to what degree.
Cyberattacks come from hackers who breach company firewalls and security systems, stealing data and/or disabling the computers. Some believe that hackers are stopped by robust firewalls and sophisticated detection software, but that is only a part of the solution. Hackers gain easy access through three pathways—people, processes and systems.
Chief Executive Group exists to improve the performance of U.S. CEOs, senior executives and public-company directors, helping you grow your companies, build your communities and strengthen society. Learn more at chiefexecutivegroup.com.
0
1:00 - 5:00 pm
Over 70% of Executives Surveyed Agree: Many Strategic Planning Efforts Lack Systematic Approach Tips for Enhancing Your Strategic Planning Process
Executives expressed frustration with their current strategic planning process. Issues include:
Steve Rutan and Denise Harrison have put together an afternoon workshop that will provide the tools you need to address these concerns. They have worked with hundreds of executives to develop a systematic approach that will enable your team to make better decisions during strategic planning. Steve and Denise will walk you through exercises for prioritizing your lists and steps that will reset and reinvigorate your process. This will be a hands-on workshop that will enable you to think about your business as you use the tools that are being presented. If you are ready for a Strategic Planning tune-up, select this workshop in your registration form. The additional fee of $695 will be added to your total.
2:00 - 5:00 pm
Female leaders face the same issues all leaders do, but they often face additional challenges too. In this peer session, we will facilitate a discussion of best practices and how to overcome common barriers to help women leaders be more effective within and outside their organizations.
Limited space available.
10:30 - 5:00 pm
General’s Retreat at Hermitage Golf Course
Sponsored by UBS
General’s Retreat, built in 1986 with architect Gary Roger Baird, has been voted the “Best Golf Course in Nashville” and is a “must play” when visiting the Nashville, Tennessee area. With the beautiful setting along the Cumberland River, golfers of all capabilities will thoroughly enjoy the golf, scenery and hospitality.
The golf outing fee includes transportation to and from the hotel, greens/cart fees, use of practice facilities, and boxed lunch. The bus will leave the hotel at 10:30 am for a noon shotgun start and return to the hotel after the cocktail reception following the completion of the round.
