[personZ]

As peeters said, most organizations rely upon the historical volume of emails to operate effectively. This isn't a simple solution.

Add that a narrative around this story is that the hackers "spear phished" an IT admin. This is incredibly difficult to defend against for any organization (seriously -- for all of the browbeating against Sony on here -- it's all so simple -- I would argue that there are zero organizations that would withstand a concerted, targeted attack. Most would fall in a day). Not only did they purportedly co-opt a privileged account, they then sat on it for months.

Over months they could have changed policies, retrieved backups, and on and on.

When blaming Sony, everyone needs to remember that Snowden, a Dell contractor working at the NSA with limited access, took the King's Ransom from what is assumed to be the pinnacle of computer security and awareness.