Focused on various leadership roles and their respective responsibilities in implementing an effective cyber-security governance plan. Consider the leadership roles in Sony’s case study and their responsibilities in implementing the organization’s cyber-security strategy: • Drawing on your learning from this module, explain the organization’s governing structure, and its approach to cyber-security (as detailed in its policies and, where possible, observed in practice). If you are focusing on Sony, you may extrapolate the formal roles from the data available (in the case study and from your own research) and contrast this with what was observed. • Based on your substantiation above, recommend changes that should be implemented and, if applicable, propose a new cyber-security leadership plan that addresses its shortcomings. (Approx. 300-400 words) — include 1-2 sources
Question 2 Unit 2 of this module described the management processes organizations should consider when developing a cyber-security governance plan. Identify the steps Sony has taken to implement the management processes discussed in the Unit 2 notes and address the following: If you are using Sony as your chosen organization: • Evaluate why the management processes utilized by Sony were insufficient to ensure good cyber-security governance; and • Based on your substantiation above, recommend management processes that would have addressed Sony’s shortcomings in implementing a cyber-security governance plan and should be adhered to going forward. (Approx. 300-400 words) — include 1-2 sources
2.3. Question 3 Unit 3 focuses on the importance of keeping an organization’s cyber-security awareness updated. To do so, the notes described the types of security awareness training that are available and the topics that should ideally be included in training programs. In your answer, address the following: • If relevant, identify any cyber-security awareness programs or practices utilized by Sony, and evaluate whether they sufficiently cover the recommended topics mentioned in the Unit 3 notes. • Based on your substantiation above, provide an outline of a cyber-security awareness program you would suggest for Sony. Your outline of the training program should cover the following three aspects: 1. The type of security awareness training (classroom or online); 2. The topics included in the training program; 3. The target audience; and
Activate Windows
- The roles and responsibilities of those responsible for executing the training program. Go to Settings to activate Windows. Each aspect should be accompanied by reasons for your choices based on the organization’s Sony) context and needs.
Sample Solution
