Nov. 23 — Despite billions of dollars invested in anti-hacking technology over the past 10 years, companies appear to have little idea of how to respond to a cyberattack. When Target Corp. was hacked during the busy 2013 Christmas season, investigators found the company had missed early warnings that might have prevented the loss of data belonging to 70 million customers. When the news came out, lawsuits were filed, and Chief Executive Officer Gregg Steinhafel resigned. Sony Pictures Entertainment Inc.’s fumbling response a year later to North Korean hackers turned a bad situation into a terrible one, costing Amy Pascal, one of the most powerful women in Hollywood, her job as co-chairman.
International Business Machines Corp., which has spent five years buying companies to make itself the world’s third-largest cybersecurity provider, wants to train corporate security teams, CEOs, and PR departments to handle those kinds of crises. Shortly after Election Day, the company unveiled a facility that combines gaming techniques and millions of dollars of sophisticated hardware to re-create scenarios like Target’s and Sony’s in white-knuckle, stock-plunging detail.