Sony Hack Aftershocks: Viacom Steps Up Cybersecurity With New Policy (Exclusive)

The company-wide policy is part of new protective measures in wake of last year’s devastating digital attack

In the wake of the devastating Sony Pictures Entertainment hack last year, rival entertainment conglomerate Viacom has instituted a new company-wide cybersecurity measure that will automatically delete emails from employees’ in-boxes every 30 days, insiders tell TheWrap.

According to the source, starting in early May, the company began informing staffers on a rolling basis that they have 90 days to clean out their old email or put them somewhere safe before the new policy goes into effect. The first wave of email deletions should happen later this summer.

“However many emails you have piled up over the years, if you don’t do anything with them, they go away,” said another person, adding that the policy is “is consistent with industry best practices and is part of an annual review of security and records procedures.”

This particular initiative is focused on email but is part of a wider examination of security firewalls across Hollywood after the disruption and public humiliation visited on Sony by hackers last November. The FBI has blamed North Korea, whose government publicly denies any involvement. A new documentary currently in production proposes alternative theories. 

It’s a sensitive issue. A Viacom spokesman declined to comment as did reps from other Hollywood studios, but insiders noted that beefed up measures are certainly in place across the industry. “It was obviously a situation that required action, and action was taken,” a person at another major studio tells The Wrap.

According to a recent study by Juniper Research, hacking could cost global businesses as much as $2.1 trillion through 2019.

A number of studio executives have acknowledged publicly that the Sony hack prompted high-level, full-scale reviews of security policy.

“Unfortunately, Sony was the siren song for a lot of other media companies to really get their houses in order,” Jason Glassberg, a co-founder of Casaba Security, which works with media companies to help secure systems and prevent malicious attacks.

Most of Sony Pictures Entertainment’s financial accounting applications and other critical information technology was offline for moths. Telephones were disabled and the release of financial results had to be postponed. And a tidal wave of embarrassing leaked emails forced the resignation of co-studio head Amy Pascal in February.

“Email systems don’t offer any kind of privacy. Emails don’t disappear by themselves. If you don’t have any system that deletes them after a certain amount of time, they tend to live on in perpetuity, said Glassberg. “As  long as they exist somewhere on some server, there’s always the ability for someone to discover them and expose them.”