Sony's CEO has forwarded a remarkable new rationale for his company's recent catastrophic network security failures. Howard Stringer warned last week that the April hacker thefts of millions of his customers' personal records are a prelude to global digital horrors. "It's not a brave new world," he told the media. "It's a bad new world."
Preaching Armageddon as a PR response to a corporation's own faulty technology and service is an unlikely tactic, especially when continuing attacks this very week show that Sony has clearly not eliminated its vulnerabilities. It's not our mess, Stringer seems to be implying with his dramatic blame shifting. It's the world's mess.
What's strange about this is that it seems to undercut an apology by Kaz Hirai, the head of Sony's gaming division, delivered ten days after the intrusion. Reuters called Stringer's comments "a stark departure from the remorseful tone struck just two weeks ago." Just last week the company offered an apology package, including a 12-month free identity protection program, free games and free content. Though late in coming, those were strong moves.
Yet Stringer's comments suggest Sony does not truly feel sorry for how badly it has treated its customers. What this bizarre narrative demonstrates is that Stringer and Sony are stuck in the first stages of grief: Not over the harm they have inflicted upon their customers, but in the potentially irreparable damage they have done to themselves and their brand.
Stage one of grief is shock and denial, stage two is pain and guilt, and stage three is anger and bargaining. Sony has gone through the first two stages and now Stringer is lashing back at critics who have blasted the firm for everything from its substandard security to an indefensible delay in alterting tens of millions of customers -- many of them children -- that personal and credit records were stolen. "Forty-three percent (of companies) notify victims within a month," a feisty Stringer told reporters last week in his first public statement since the April break-ins. "You're telling me my week wasn't fast enough?"
It was a bizarre statistical crutch to rely upon to defend what's widely considered one of the worst network security gaffes in history. Why compare your firm to average companies? Especially when New York's Attorney General and Congress are demanding Sony turn over detailed information about its security breakdown. Like how it allowed hackers to steal the names, addresses, email addresses, birthdays, and PlayStation Network login details of over 100 million customers.
But Stringer's most surprising plot twist was to attempt to divert scrutiny of Sony's problems with a wild claim of impending doom. Stringer told the media that one day hackers may strike at the power grid, air traffic controllers, or the global financial system.
Is Stringer Rumpolstillskin? Hackers have been attacking the Internet and high-tech companies for more than two decades. In 1990, I wrote about Rober Morris, the Harvard graduate who launched the first Internet worm, a science experiment gone awry that disabled a large chunk of the budding network. In the mid '90s I wrote The Fugitive Game and The Watchman, two books about the hackers, Kevin Mitnick and Kevin Poulsen, that showed the deep vulnerability of the Internet and major corporations to criminal intrusions.
Every major firm doing business on the Internet knows that their potential -- and Achilles' heel -- is the Internet. Google, Facebook, Microsoft and hundreds more corporations have known this for a very long time. The Internet makes these companies billions in profit. Doing business responsibly on the Internet -- and taking extraordinary care for the personal records and privacy of your customers -- is nothing short of a sacred duty.
Quite simply, Sony abandoned its duty, and Stringer is steaming mad about that internal breakdown because he knows that it threatens Sony's future. The timing couldn't be worse. This week Sony posted a $3.2 billion loss, due in part to the March earthquake and tsunami. The CEO has declared that Sony did everything possible to prevent the break-ins. That is denial. We've seen this broken narrative before. It is not taking the high road. It does not work. Congress, investigative journalists and hackers will eventually reveal the truth, and it will prove even more costly to the company's tattered reputation (Experts have already predicted the breach will cost Sony nearly $1 billion). We will learn that Sony engineers and officials knew of inherent internal weaknesses. That it had plans to roll out a new, more secure system. That it could have taken far more steps to prevent or reduce the harm to its customers.
Sony's story won't play. It won't play because it is not authentic, and it won't play because Stringer can't seem to remember his own narrative. Security -- and honest communication -- requires consistency. In the same week that Stringer declared the attacks on Sony had ushered in a "bad new world," he called the crisis "a hiccup in the road to a network future."
Which is it -- trivial or cataclysmic? And what a strange, disconnected way to talk about a potential disaster for tens of millions of Sony customers? Would you like threats to your financial and personal security to be seen by Sony as nothing more than hiccup?
And what of Stringer's suggestion that the future does not hold "a brave new world" but a "bad new world?" On top of everything else, Stringer apparently is ignorant of the meaning of a "brave new world." In reaching for a sound bite, Sony made another gaffe.
Perhaps the embattled CEO or someone on his communications team should have bothered to read the Wikipedia page on Aldous Huxley's 1932 book, Brave New World. Stringer shot himself in the foot. Huxley himself described Brave New World as a "nightmare." The Wikipedia page says that the dystopian sci-fi novel explored the "fear of losing individual identity in the fast-paced world of the future."
Jonathan Littman is the co-author of the Ten Faces of Innovation and the Art of Innovation. He is the founder of Snowball Narrative.