Professional Documents
Culture Documents
Ayush Raj
Naman Kumar
Riddhi
Surya Prakash
Section: B
Case study analysis
From the case, we can see that Sony had a few issues that led to a security gap.
According to the complaint, Sony has an inadequate firewall system, which is
important for shielding the business from online attacks. Anyone using the company's
gaming platform is at risk because Sony did not apply data encryption on the stored
plain text information.
In terms of management considerations, they opt not to take the necessary actions to
improve their system.
According to organisational considerations, it may appear that the business focused
solely on market expansion while neglecting to improve the security service it offered
to both clients and employees.
The attack was essentially made possible by Sony's obsolete system software due to
technological issues.
The database system was not properly secured by encryption measures.
Even worse, the possibility that users' personal information and credit card numbers
were compromised will deter additional people from utilizing the network.
I think there are several options Sony can select from that can greatly improve their security,
starting with making an investment to update their necessities like encrypting the data at their
disposal, and making sure that their permission levels are fixed so that no one else can access
their files. These are some strategies that, in my opinion, will be very beneficial to Sony if
used, but, as was previously stated, improving security starts with having a competent
security team.
Answer 1
One of the most well-liked gaming platforms for online players was Sony PlayStation
Service. 130 servers are spread out globally. A technique was played by some hackers in
2011 to get access to the server and steal data. The following list of Sony flaws led to the
security breach:
Answer 2
The big security attack on Sony PlayStation Service is not an accident. A structured, well-
thought-out, and researched strategy was used to take control of the system. The Sony
technical staff was less knowledgeable about the Play Station Network (PSN) system than the
hackers.
Management Factors
The administration fails to take the proper actions to modernise the system.
The management ought to have been aware of the hacking attempt before it happened.
Being in management is not only difficult, but they also need to be capable of making
good decisions.
A safe, up-to-date system might reduce our clients’ headaches, ensuring the stability
of our business.
Organizational Factors
The company is an ecosystem that includes all of the management, technical staff,
and customers.
Customers acting on their behalf must have known about potential security threats
and should have taken precautions.
The company should have included the bare minimum of security protections given
that online gaming is its primary focus.
The company should focus on improving service quality and security in addition to
market expansion.
Technological Factors
The Sony Company’s usage of out-of-date system software facilitated the attack.
Encryption safeguards were not used to properly secure the database system
The system isn’t even smart enough to figure out what private information was taken.
The deletion of the log file indicates that the file permissions were not correctly
specified.
I believe that grand theft is not accomplished quickly. In order to notify management
and relevant authorities should have some kind of alert feature.
Answer 3
The business impact of the Sony data losses is Sony shut down its entire globe play station.
For a company like Sony which has high customer belief and daily customer engagement,
shutting down a system for a few hours means a very high level of customer dissatisfaction
and diversion.
The impacts are listed below:
Answer 4
Sony, if analyzed and investigated the great attack thoroughly would find the possible
weakness and the dark side of its system. The report could suggest preventive measures
which may include but are not limited to: