2.1. Question 1 (from unit1 video transcripts and Sony case study)

Unit 1 focused on various leadership roles and their respective responsibilities in implementing an effective cybersecurity governance plan. Consider the leadership roles in Sony and their responsibilities in implementing the organization’s cybersecurity strategy:

• Drawing on your learnings from this module, explain the organization’s governing structure, and its approach to cybersecurity (as detailed in its policies and, where possible, observed in practice). If you are focusing on Sony, you may extrapolate the formal roles from the data available (in the case study and from your own research) and contrast this with what was observed.
• Based on your substantiation above, recommend changes that should be implemented and, if applicable, propose a new cybersecurity leadership plan that addresses its shortcomings.

(Approx. 300 words)

2.2. Question 2 (from unit 2 notes and Sony case study)

Unit 2 of this module described the management processes organizations should consider when developing a cybersecurity governance plan. Identify the steps Sony is taking to implement the management processes discussed in the Unit 2 notes, and address the following:

• Evaluate why the management processes utilized by Sony were insufficient to ensure good cybersecurity governance; and
• Based on your substantiation above, recommend management processes that would have addressed Sony’s shortcomings in implementing a cybersecurity governance plan and should be adhered to going forward.