THE BUZZ: Former McAfee Chief Security Officer Brett Wahlin, who’s new job is to protect the Sony Entertainment Network, has outlined his plans to strengthen defenses and prevent future breaches.

According too Wahlin one of the crucial aspects of protecting the network is to understand how hackers operate.

“The types of attacks we see are by groups with social agendas,” he said, referring to the hactavist group known as Anonymous. “The methods they use aren’t the same as the state-sponsored guys.”

To do this he is making Sony security experts think more like social engineers by monitoring the behavior of staff and users across the world.

“The strategy combines social engineering psychology with data analytics and user education, using Wahlin’s counter-intelligence, FBI-inspired human behaviour profiling methods and advanced fraud detection systems,” he explains. We are looking to see if there are there key elements within a person’s interaction with their environment. That could be interaction with badging systems, with telephones – when and who do they call- and with systems like browser habits and applications used. All these things allow us to set up a pattern for users, so when something different happens we can respond.”

This information can then be analysed by an automated system and any deviations from usual behavior can be flagged up and investigated.

“If we detect unusual activity, it may be that some one’s been owned by a Trojan that we don’t know about, and we can stop data flying out the door,” Wahlin concluded.

EGM’s TAKE: Obviously a few people are going to scream about breaches of privacy on Sony’s part, but that would be a massive over reaction. All the security team is doing is establishing a pattern of behavior, so that if anything suspicious occurs they can be made aware straight away and prevent any damage. It works exactly the same as credit card fraud systems, if you’re doing things out of the ordinary then your account will be flagged. Quite what is classed in this category is anyone’s guess.

Are you happy to let Sony track your behavior? Leave your thoughts below.

Source: Secure Business Intelligence