Cybersecurity must be a top-level priority for any organization and for many it is. Security should be viewed holistically and should include a range of elements, including layered, technology-based solutions on-premises and in the cloud; security awareness training to help employees become a more integral part of security defenses; the establishment of common-sense policies and practices that will bolster security defenses; and security education for the board of directors and senior managers to help them understand the critical role they play in enabling a culture of security.