The Chief Information Security Officer

The IT department

The business itself

The cybersecurity team

Indifference

Confusion

Excitement

Concern or fear

Encrypting all data

Identifying and understanding critical assets

Using outdated software

Ignoring cyber hygiene

Reduced costs

Improved security

Vulnerabilities to cyber attacks

Increased efficiency

Third parties never have access to critical data

Third parties do not affect cybersecurity

Third parties can introduce vulnerabilities

Third parties are always secure

Improved third-party relations

Widespread impact across multiple organizations

No impact on the organization

Increased profits

A list of potential hackers

A contract with an incident response provider

A guarantee of no cyber incidents

A plan to ignore incidents