Sony hack reveals a new cold war—are you ready?

Sen. John McCain issued a statement saying that cybersecurity is the least understood, most dangerous element of the U.S.'s national security today.

With the recent attacks on Sony, there has been a pivotal change in how corporate breaches occur. This was a targeted attack and it reached a new level of malice. In addition to a devastating strike against the company, personal employee information was leveraged for financial gain, and terrorist threats were made.


At Herjavec Group, we have predicted for some time now that cyberwarfare will soon lead to the loss of human life through an attack against infrastructure whether it be transit networks, flight controls or a system of equal or greater significance. We don't make this statement to be ominous or grotesque. The world we live in has changed and the threat of cybercrime has transitioned from the online world to the very real, very dangerous, physical reality. The FBI has confirmed that North Korea was responsible for the targeted attack against Sony. This is not the first time that a foreign government has been tied to cyberattacks. Every company, and every individual, can and must to do more to protect themselves.

Read MoreUS officials: North Korea ordered the Sony hack

What should businesses do?

We tell customers that no environment is 100 percent secure. How an organization monitors vulnerabilities and remediates issues matters most. It is vital that companies do more to detect breaches earlier. If we all don't get better at this, incidents can quickly grow out of control, and, as in the case with Sony, escalate into a situation so large as to threaten the company itself, or cause an international incident.

We advise organizations to focus on monitoring technologies for incidents, and to develop, test and resource their response plans. It is imperative organizations find a balance between their processes, people, partners and technologies to hunt for those indicators of attack.

Read MoreOp-ed: Hey Sony —The 'e' in email stands for evidence

What should the general public do?

We as consumers all need to take proactive measures to update passwords regularly, and carefully monitor all transactional accounts to prevent exploitation of personal data.

  • Regularly change the passwords for every single account you have. Do not use a password more than once, anywhere, ever.
  • Never use any personally significant data to build a password. Names of your family or pets, birthdates, SSN, or house numbers will give an attacker a base to start from.
  • Use passwords that are more difficult to guess. Numbers at the beginning or end of the password are not strong. Leverage capitalized letters and symbols to enhance complexity.
  • Consider using a password manager like LastPass to help you with the passwords you create and use.
  • If your online account has an option to use two-step login, using a fob or smartphone app to provide additional login security, enable it, and use it.
  • If your account provider requires you to use "secret words" or "personal questions" for identity validation, use good questions and answers—never your mother's maiden name or the color of your first car. As a rough guideline, if your mother could answer the questions, you are not protected.
  • Every month, review all your credit and bank statements carefully and dispute any charges that you didn't authorize. A line by line review is critical to minimizing credit card fraud.
  • Review your home computer's operating system - update to latest patch levels, update your antivirus protection and run a full scan regularly.

Read MoreObama: Sony made a mistake by pulling 'The Interview'

The threat of cyberwarfare is the new reality and it is highly misunderstood. Do not be caught thinking, "this could never happen to MY business" or "No one would ever try to replicate MY passwords."

You will be targeted.

If you are one of the millions who touts "never to have been breached", it's likely you have been and simply do not know it yet.

We are facing a new cold war. It's time we accept it.

Read MoreSony: Let's be clear - 'The Interview' isn't over

Commentary by Robert Herjavec and Matt Anthony. Robert Herjavec is the founder & CEO of Herjavec Group, a global managed-security services. He also appears as an investor on the show, "Shark Tank." Matt Anthony is VP of remediation-security services for Herjavec Group. Follow Robert on Twitter at @robertherjavec and Matt @mattanth.