Cyber security has become such a widespread concern for organizations of all types and sizes that it requires dealing with in a systematic manner. The high-profile nature of certain cyber attacks – Facebook, Google, British Airways, Equifax, Anthem, Home Depot, Yahoo, Sony, and Uber, to name a few – hides the fact that while the form, size, and intent of attacks tend to vary, the threat looms over private, public, and not-for-profit organizations alike in every corner of the world. Colleges and universities have fallen prey to costly ransomware attacks, havoc has been wreaked on banks in Italy, Canada, and Bangladesh, and Russian hackers hijacked the 2016 federal election through a simple phishing scam. Such attacks are alarmingly easy to design and deploy. Phishing, for example, requires only a single distracted click on a link in an email or text. Once the automated malware has gained a foothold, IT networks can be crippled in a matter of minutes. And that is just one of the many dangers lurking out there in cyber space.