We can find ourselves hostage to a person in IT who alone holds access to key programs and data. How do you prevent such a vulnerability, and what do you do if it’s too late? Here are three practical plans to work through.

Good AI policies are easy to get your hands on and modify. Good adoption of those policies is a different matter. It's not in the policy, it's in the presentation.

CISOs are overwhelmed and often short-term. Neither need be. As CIOs, you have the opportunity to make them a hero. You just need to help them through one big problem with three strong moves.

Boards don’t want to get caught in a crisis, let alone one in which they were warned but caught unprepared. Boards need to challenge the paradigms by which they think of security, increase their knowledge of security as a business strategy, and respond with concerted management, strengthened posture and preparation.

The CIO and board of directors must implement a new dashboard that indicates secure risk management, business alignment and incident responses are in place and functional.

Cyber-crime costs to the world will double in a six year period ending in 2021. More reports of attacks give rise to a gnawing sense of inevitability. As leaders in the fight, there is only one strategy that safeguards our companies. Inevitability must promote “Response-ability.”