Sony Corp., which suffered a massive breachof its PlayStation Network earlier this year, is hiring a former official at the Department ofHomeland Security to lead its security initiatives.
Philip Reitinger was named the firms new senior vice president and CISO, in a bid to move onafter multiple high-profile attacks targeting Sonys systems. Reitinger served as directorof the National Cybersecurity Center at DHS. He was also deputy undersecretary of the DHSNational Protection and Programs Directorate (NPPD), a role charged with protecting U.S. governmentsystems from domestic and foreign threats.
In an announcement Tuesday, Sony said Reitinger will overseeinformation security, privacy and Internet safety across the company. He will report to thecompanys executive vice president and general counsel.
Reitinger was chief trustworthy infrastructure strategist at Microsoft, prior to taking the jobat DHS. At Microsoft he oversaw coordination between the software giant, its partners andgovernment agencies on cybersecurity issues.
At a security conference in Miami last year, Reitinger told incident response handlers that itwas time to stoptalking about cybersecurity in generalities and begin taking action against cybercriminals.Mechanisms to help researchers and response teams disseminate information about attacks need to bestandardized for a better coordinated response to incidents, Reitinger said.
"We've got a set of manual processes and there's a lack of agility in places," he told attendeesof the 2010 Forum of Incident Response and Security Teams (FIRST) Conference. "We succeed based ongoodwill and hard work of people rather than the innate design of the system."
SonysPlayStation Network was halted for more than a week, disrupting 77 million PSN and Qriocityaccounts. The company learned that hackers stole personal information about PSN users as well asmore than 24 million Sony Online Entertainment user accounts. Stolen information included names,addresses, email addresses, birth dates and account credentials. The breach also included adatabase containing more than 12,000 non-U.S. credit and debit card numbers
Sony executives have apologized for the security lapses and are giving customers free creditmonitoring, a standard move following breaches. But security experts say Sonys breach highlights anumber of lapses and highlights a need for better datasecurity management.
0 comments:
Post a Comment