Add to collection(s) Add to saved
  1. Arts & Humanities
  2. Communications
  3. Public Relations

sony security breach crisis plan (1)

advertisement 
Sony Security Breach Page |1
SONY SECURITY BREACH
CRISIS PLAN
By: Niesha Shelton
Sony Security Breach Page |2
Table of Contents
Purpose/Introduction
p. 3
Objectives
p. 3
Situation Assessment
p. 4
Communication Team
p. 5
Emergency Contacts
p. 6
Timeline and Checklist
p. 7-8
Key Publics
p. 9
Key Messages
p. 9-10
Sample Press Release
p. 11-12
Post Crises Review
p. 13
Sony Security Breach Page |3
Introduction
A crisis is an event that can occur at any time unbeknown to Sony. A crisis plan is the
procedures that Sony takes that must be done in a timely fashion to ensure to their
publics that they are on top of the situation. Since a crisis can occur unexpectedly, it is
best to have a crisis management plan in place.
Purpose
The purpose for this crisis management plan for Sony security is to ensure that if
hacking were to occur, there would be specific guidelines in place for the Sony
communication team to follow. The crisis plan will ensure that the situation is handled
diligently and is in the best interest of the company and their key publics that may be
affected.
Objectives

Execution of the crisis plan

Notify all personnel, media and other key publics

Issue out a news release

Update media on new developments

Maintain trust and respect of involved publics by being truthful

Regain good brand reputation

Ensure the crisis will never occur again
Sony Security Breach Page |4
Situation Assessment

What is the situation?

How much of a disturbance is the situation?

What is known about the situation? Who is aware of it?

Is the situation world news?

What elements are required? How soon will it be published?

What key publics will this situation affect?

What is the impact on the key publics?

What will occur as a result of the situation?

What urgent moves need to be made?

Should a proactive or reactive approach be taken into consideration for the
situation?

Who are the key staff members that need to be involved?

What can be addressed about the situation? What subjects are off limits?

Who is the key spokesperson to speak on the behalf of the company and the
situation?

What method will be used to communicate a response?

What media reporters should be contacted?
Sony Security Breach Page |5
Communication Team
Michael Lynton
Steven Kober
CEO, Sony Entertainment
Chairman and CEO, Sony Pictures
Entertainment
EVP and Chief Financial Officer, Sony
Corporation of America
Mark Khalil
Nicole Seligman
President, Sony Corporation of America;
President, Sony Entertainment, Inc.;
Senior Legal Counsel, And In Charge of
Information Security, Sony Group
EVP and General Counsel, Sony
Corporation of America
Sony Security Breach Page |6
Emergency Contacts
Sony Corporation of America- Mack Araki
Vice President, Corporate Communications
sca.communications@am.sony.com
Sony Electronics- John Dolak
Vice President, Corporate Communications
John.Dolak@am.sony.com
Sony Mobile Communications- SilkeSchild
Senior PR Manager
silke.schild@sonymobile.com
Matt Parnell
Public Relations
Matthew.Parnell@am.sony.com
Sony/ ATV Music Publishing- Paul Williams
Vice President, Communications
paul.williams@sonyatv.com
Sony Computer Entertainment America and
Sony Network Entertainment InternationalJennifer Clark
Senior Director, Corporate and Product
Communications
Sony Music Entertainment- Liz Young
Executive Vice President, Corporate
Communications
liz.young@sonymusic.com
Tom Di Nome
Public Relations
Tom.DiNome@am.sony.com
Maya Wasserman
Public Relations
maya.wasserman@am.sony.com
Jennifer_clark@playstation.sony.com
Sony DADC and Sony Cards/ Sony
Rewards- Lisa Gephardt
Senior Director, Corporate Communications,
SCA
Lisa_Gephardt@sonyusa.com
Sony Biotechnology lnc., Micronics
Inc.,Sony Wonder Technology Lab- Natalie
Nunez
Communications Coordinator, SCA
Natalie_nunez@sonyusa.com
Sony Security Breach Page |7
Timeline/Checklist
Safety:


Ensure all customer data
Change passwords to secure accounts
Notification:



Advise members of the crisis communication team
Inform all board members of the crisis
To schedule an immediate meeting of the communication team
At the Time of the Security Breach:


Contact programming and security companies
Secure data and systems






Evaluate the damage of the security breach
Identify what data has been compromised
Determine the affected audience and range of the breach
Limit access to whole systems
Change passcode's to databases immediately
Contact information for all key personnel
Prior to the implementation of the plan all communication and emergency contact
personnel will have participated in a crisis communication media training program.
Day 1
CEO of Sony will contact Crisis Communication Team
Establish key spokesperson to speak on the behalf of Sony and the crisis situation
Determine key messages in response
Establish an action plan for all internal and external Sony communication employees
Inform all Sony employees of steps to follow during the crisis
Issue for a press release to be produced
Establish a media list of individuals to notify key publics
Post facts on Sony website and employ social media to present other information
Determine how Sony will access contact to affected key publics
Determine how Sony will regain key public trust
Sony Security Breach Page |8
Day 2
Set up media briefing
Select someone from the communication to monitor social media and Sony website
Update both social media and Sony website
Set up a press conference for spokesperson
Respond accordingly to any news updates
Day 3 - Until Closure of Crisis
Continue to update the Sony website and social media accounts
Media follow-ups
Inform Sony employees of updates
Address any new issues that arrive during the crisis
Stay in contact with those affected by the security breach
Monitor and respond to media coverage
The conclusion of the crisis will result in the evaluation of the crisis plan overall effectiveness
Sony Security Breach Page |9
Key Publics

Clients

Enablers- Media, Opinion Leaders

Producers- Sony employees, or Investors, Stakeholders

Limiters- Competitors
Key Messages
Candor- We acknowledge that there was a breach in our cybersecurity.
Unfortunately, hackers were able to access individuals private information, unreleased
movies, erase data, and other important documents due to the breach in our security.
Explanation-The breach was able to occur due to undetected viruses that allowed
hackers to set the attack and the lack of a good cybersecurity system.
Declaration-We are taking precautionary steps, first by implementing a crisis planin the event that, if something like this were to occur again, we would be prepared and
we also are working on integrating in a cybersecurity detector. Account password
protection for users will be implemented.
Contrition- We at Sony take on full responsibility for the occurrence of the breach in
our security that allowed the attacks to happen.
S o n y S e c u r i t y B r e a c h P a g e | 10
Consultation- Due to the severity of this crisis, we have sought after third party
representation- the FBI and Mandiant, the cybersecurity group to investigate further
into the security breach.
Commitment- We at Sony promise for the best of our ability that we are ensuring
that a crisis, such as this security breach will not occur again. We will manage this by
holding a crisis program in force, new security design with effective security hardware
for employee computers, and a site-wide cybersecurity system to protect Sony valuable
information and pictures.
Restoration- We are aware of the strain and affliction this crisis has delivered not
only on our customers, but employees, as well. We are willing to compensate those for
the emotional distress that was caused by the security breach.
S o n y S e c u r i t y B r e a c h P a g e | 11
Sample News Release
FOR IMMEDIATE RELEASE
Contact Name: Tom Di Nome, Sr. PR Manager at Sony
Cellphone No.: 201- 930-6357
Email: Tom.DiNome@am.sony.com
LinkedIn: www.linkedin.com/pub/tom-di-nome/6/570/707
Sony Security Breach
USA, April 1, 2015- Earlier today at 3 a.m. Sony experienced a site-wide hacking into all its
systems. Sony is currently investigating further into the situation and will present new
information as it becomes available.
As everyone is aware hacking is not an uncommon occurrence and happen to the smallest and
largest of corporations. We at Sony were unfortunate targets. The hacking occurred due to the
lack of a proper cybersecurity and viruses on our system that went undetected.
“We understand the severity of the situation.” Nicole Seligman stated, president of Sony
Corporation of America, “We are following proper protocol to investigate the situation and mend
tides the affected individuals.
CEO of Sony Entertainment and Pictures, Michael Lynton replied, “ This is not an April Fool’s
joke or a laughing matter and we at Sony are taking full responsibility for this crisis.”
-MORE-
S o n y S e c u r i t y B r e a c h P a g e | 12
p.2
About Sony
At Sony, our mission is to be a company that inspires and fulfills your curiosity. Our unlimited
passion for technology, content and services, and relentless pursuit of innovation, drives us to
deliver ground-breaking new excitement and entertainment in ways that only Sony can. Creating
unique new cultures and experiences.Everything we do, is to move you emotionally.
###
S o n y S e c u r i t y B r e a c h P a g e | 13
Post Crises Review
Once the crisis has concluded Sony will need to evaluate the overall effectiveness of the
crisis plan. To measure the success of the plan Sony will need to look at:

How quickly did Sony get the information out to the public?

Was Sony the first to inform the public of the crisis?

Was media coverage used effectively? Did it hurt or help the crisis?

Were all the key personnel active in implementing the plan?

Did Sony employees follow proper protocol? Was it an effective protocol?

Was Tom Di Nome a great spokesperson for Sony?

Did Sony retain their loyal clients and employees?

Was the concept of compensating individuals for emotional distress a success or
fail?

How effective is the new cybersecurity system? Is it the best cybersecurity
available?

How can Sony ensure that this crisis was a one time occurance other than the
crisis plan?

What areas of the crisis plan can be improved?

Are their early warning detectors?

What is the legal and financial damage to Sony due to the crisis?
Related documents
Green Management in high-tech industry:a case study of Sony Group
Green Management in high-tech industry:a case study of Sony Group
Investment Web Quest
Investment Web Quest
Based in Singapore, Sony Electronics Asia Pacific Pte. Ltd serves as
Based in Singapore, Sony Electronics Asia Pacific Pte. Ltd serves as
Rich Marty
Rich Marty
Process Innovation
Process Innovation
The life and death of the Sony Walkman
The life and death of the Sony Walkman
Download
advertisement