Re: Too early to judge
It's quite possible that their IT people tried and tried and tried to get Sony's upper management to invest in proper security, but their business case analyses were rejected and they were told to go away.
I see it as a form of Corporate Darwinism.
The fittest companies have management that is intelligent enough to invest in IT security.
The unfit lack the intelligence, and so these companies will die away.
It's telling that this year many utility companies (gas, electric, etc) were unable to get "hacked insurance" because audits revealed their security was so embarrassing they could not get insurance at any cost.