A cyber breach can have serious legal, financial, and reputational consequences for a company, as described in our previous post. As such, cybersecurity threats must be treated as business risks, not just a potential IT problem. Senior management at a company should take the lead to ensure that the company is taking appropriate actions to protect itself against cyber risks. There are several steps that senior management can guide the company to take to prevent breaches from occurring and to mitigate the impact when they do occur.