Evan Ramstad reports about the lessons learned by one executive after the Hyundai Capital Services hack:
… His biggest mistake, he says, was that he used to treat the information-technology department as simply one of many units that helped the company get its main job done. Today he treats it as central to everything the company does. Since the attack, Mr. Chung has spent weeks learning the ins and outs of network architecture, security infrastructure and the tradeoffs between data protection and customer satisfaction.
“If you lock the restroom and garage because you are trying to protect the jewelry in the bedroom, sooner or later, the rest of the family complains and finds a way around it,” Mr. Chung says. “Like everything, IT security needs a philosophy, and only the CEO can make that kind of a decision.”
So what were the main lessons learned?
- Trust the authorities.
- Stay open and transparent.
- Learn IT and know where vulnerabilities are.
- Create a philosophy that drives IT decisions.
- Reassess plans for products and services.
Good lessons to learn, indeed.
Read more in the Wall Street Journal.