Risk of ...

Risk of Seth Rogen

Doug Meier -

The latest Sony Corp hack, which released a flood of confidential Sony corporate IP to the Internet, has the security product world in thrall. Security vendors and experts are telling me how it's a "game changer" when it's not.

This hack constitutes one of 50+ noteworthy data breaches, malware developments, and new or previously undiscovered threats in 2014. Remember Sony has been compromised before (PlayStation, customer accounts), so this seems like the same game, not a changed one.

+++

The game being played is the way Sony and other Internet companies accept the current Internet's technology-based risks, and tangible threats from known bad actors, as a reasonable trade-off for profits and market share.

The likelihood of a negatively impacting security incident is always acknowledged, but rarely closely examined. As each day passes without a serious incident, an over-confidence can develop: In 2007, a Sony security exec told CIO magazine, “I will not invest $10 million to avoid a possible $1 million loss."

Underlying his remark is a common bravado -- equal parts fatalisism, pragmatism, laziness -- that "if you're going to get hacked, you're going to get hacked." Yes, over beers we philosphize that our efforts may be in vain, why bother ... but we also don't stop deploying security tools and methods designed to increase the likelihood that someone besides us gets hacked.

+++

The newest Sony breach is not a game changer but it is a story of ridiculous unintended consequences -- the kind you might find in, say, a Seth Rogen movie.

It's no spoiler to reveal that The Interview, the movie at the center of Sony's new debacle, is truly awful. If you are watching the first five minutes and wondering if it gets better: No, it only gets worse.

The irony is supreme: Two Hollywood knuckleheads make a forgettable comedy that is apparently about two TV knuckleheads enlisted by the CIA to go to North Korea and ignite World War III. In reality, the insipid drivel the movie "sharts" out precipitates a massive hack of Sony's corporate IP by #GOP, incites ludicrous threats of North Korean reprisals on American movie theater soil, and encourages more behind-the-scenes cyberhacking of the U.S. by North Korea.