In this module, you were introduced to the three types of assets that constitute an organization’s information infrastructure, namely critical systems, networks, and data. The three units in this module have addressed these assets individually, highlighting both their functions in an organizational context and their inherent vulnerabilities to cyberattack.
It is important for organizations to identify which critical systems, networks, and data take priority when allocating resources to cybersecurity efforts. In this ongoing project submission, you will complete the second part of your risk mitigation strategy, which is to identify an organization’s critical systems, networks, and data, and the potential vulnerabilities that make these three assets vulnerable to attack. Write an analysis of the identified systems, networks, and data by addressing the following points words, with respect to the organization you are focusing on.
Sony:
What types of critical systems, networks, and data would you expect constitute Sony’s information infrastructure? Provide a brief description of these types of assets, and where relevant, the roles that these assets play in the organization. Consider conducting further research online, beyond the scope of the provided case study, to aid your answer.
Which of these critical assets do you think are the most essential to the organization’s ability to accomplish its mission? Explain why.
Do you think that the 2014 attack against Sony primarily targeted systems, networks, data, or a combination of all three?
