On Tuesday, Sony’s chief executive Kazuo Hirai claimed that the November cyber-attack on Sony Pictures will have a minimal financial impact.
Speaking to reporters at the Consumer Electronics Show (CES) in Las Vegas, Hirai said he personally signed off all decisions made by Sony in response to the attack.
“We are still reviewing the effects of the cyber-attack,” Hirai said.
“However, I do not see it as something that will cause a material upheaval on Sony Pictures’ business operations, basically, in terms of results for the current fiscal year,” he added.
But what will the cyber-attack mean for Sony’s bottom line over the long term?
According to some experts, it may take some time before the true financial extent of the attack is known.
“With the breadth and diversity of data taken from Sony, the full impact of this breach will likely not be realised for some time to come,” says Rus Spitler, VP of product strategy at AlienVault.
“In near-term accounting it is easy to evaluate the impact on box office sales for a movie, but the data that is now public has far-reaching implications; every single agent in Hollywood has a complete track record of Sony’s behaviour during negotiations, so next time Sony wants to sign an A-list actor to a film I am sure the costs will start adding up,” he adds.
Spitler believes that the long-term implications of the breach will be hard to calculate, and Kevin Epstein, VP of advanced security and governance at Proofpoint, agrees.
“Historically, businesses that have suffered breaches involving consumer information have seen sales drop, brand equity degraded, and significant flight of customers to institutions where they believe their data will be better secured… but it’s unclear in this situation… whether it will create positive or negative consumer and financial effects overall,” he states.
Mark James, security expert at ESET, believes that Hirai’s statement probably holds some degree of truth.
“The actual hack probably did more good than harm as regards to PR for the film [The Interview],” he suggests.
However, the cyber-attacks will have a detrimental effect on the company – particularly people’s perception of the company and its ability to safeguard private data, says James.
“Any type of security breach has financial impacts and people deciding on whose services to pay for will certainly consider previous events before they shell out their hard-earned cash.
“We must be 100 per cent clear on the truth that cyber-attacks damage a company both from a financial and operational point of view and we should be very careful when discussing these publicly,” he says.