If IT managers are soldiers, says the ex-hacker, then the people breaking in are like the special forces.
Hacker turned security consultant Gregory Evans thinks that Sony’s efforts to resecure its networks don’t go far enough, and until Sony – and plenty of other companies too – starts hiring the right people, its systems won’t be safe from hackers.
Evans – who spent two years in jail for hacking a number of major companies in the nineties, and was forced to pay nearly $10 million in damages – thought that too many companies are relying on undertrained IT staff for network security. What companies should be doing, he said, was hiring actual hackers to test a system’s security, as they were a cut above the IT professionals that corporations currently employed.
“IT managers are like the infantry,” he said. “IT managers, for the most part, are just book-smart people who went out and read a book and passed the test … Computer hackers are like Navy SEALs. When we went in to get Bin Laden we didn’t send in the infantry. We sent out the best in the world – the SEALs. But who’s protecting Sony’s network? IT managers.”
While the recent high-profile attacks certainly make it seem like every hacker on the planet is after Sony, Evans said that the problem is actually a lot more widespread than that. Around 90% of the Fortune 500 companies had been hacked, he said, but it very rarely got reported. Evans estimated that only 17% of hacking victims reported it to law enforcement officials because they didn’t want to generate any negative publicity. He added that until companies changed how they handled online security, the attacks would keep coming.
Source: Industry Gamers