Sony says cyber attack will cost $15m

Sony expects the investigation and remediation costs of the November 2014 cyber attack on its movie subsidiary will amount to $15m

Sony expects the investigation and remediation costs of the devastating November 2014 cyber attack on its movie subsidiary will amount to $15m. 

The company was forced to release a financial results forecast for the quarter ending 31 December 2014 because of the serious disruption to its network systems caused by the cyber attack.

As a result of the attack, Sony said its movie subsidiary Sony Pictures Entertainment was unable to close its financial statements for the last quarter in time to report actual financial results.

Sony announced the results of its other segments – whose results were not affected by the cyber attack – for the last quarter.

The company said the forecasts for consolidated results and the Pictures segment are based on the information currently available to management.

Sony plans to announce its actual results for the last three months of 2014 by 31 March 2015.

According to the forecast for Sony Pictures Entertainment, sales are expected to have decreased 11.7% year-on-year to $1.6bn.

READ MORE ABOUT SONY

Rise in net income

The expected significant decrease in sales is primarily due to a decrease in sales for motion pictures and television productions, Sony said.

Operating income is expected to have decreased just over 90% to $20m, mainly due to the decrease in motion pictures and television productions sales, said the company.

While the cyber attack does not appear to have had much impact on the bottom line for the last quarter, the current quarter is expected to include approximately $15m in investigation and remediation costs relating to cyber attack, Sony said.

Overall, Sony expects a net income of $736m, which represents a 238% increase compared with the same quarter in 2013.

Operating income is forecast at $1.47bn and revenue is expected to have increased 6% year-on-year to $21.13bn.

Sony ascribed this increase to the favourable impact of foreign exchange rates and “significant” increases in sales for the mobile communications segment, the devices segment, and the games and network services segment.

Forecast income for the mobile communications segment in the last quarter is up 46% to $76m; game and network services is expected to be up 16.8% to $4.39bn; a 90% increase is forecast imaging products to $190m; home entertainment and sound is expected to up 295% to $209m; music is expected to be up 17% to $210m; and financial services is expected to be up 9.7% to 420m; while devices is expected to earn $451m compared with a loss of nearly $200m the in the same period in 2013.

However, the company said all increases are expected to be partially offset by a significant decrease in sales in the “all other” segments, mainly related to Sony’s exit from the PC business, and a significant decrease in sales in the pictures segment, mainly due to lower motion pictures and television productions sales.

Sony has revised its forecast for the financial year ending in March 2015. While the company still expects to make a loss, it now estimates that it will be $1.44bn after previously predicting $1.95bn.

Data assets

Security and communications supplier ViaSat UK said that by setting aside $15m shows that it has learned that data is more than ever most businesses’ most valuable asset.

“However, money on its own will not help,” said ViaSat UK chief Chris McIntosh.

“Organisations such as Sony need to develop a clear strategy and approach to what they secure, and how they secure it,” he said.

According to McIntosh, this means having both the right technology and the right education at an operational level.

“The most expensive, high-tech security solution is absolutely useless if employees don’t know how to use it, or why it’s so important in the first place,” he said.

But even with all the education in the world, McIntosh said there is still the chance of human error, which means businesses must take steps to limit the impact that employee actions such as sharing passwords or clicking on the wrong link can have.

“In the best case, sensitive information should be deleted when no longer needed or at the very least encrypted. Only then will organisations like Sony be assured that, when the next inevitable cyber-attack happens, the damage to their reputation can be limited,” he said.

Read more on Hackers and cybercrime prevention