‘Meeting the cyber risk challenge’, which polled more than 150 risk management professionals across Europe, found that just 16 percent of companies had a chief information security officer in place to manage cyber risk and privacy. However, as an escalating number of companies face dealing with the aftermath of reported data breaches, it is clear that cybercrime knows no boundaries and no organization is immune. First among these is one that sounds elementary, although in reality often turns out to be quite complicated: conduct an audit of the IT and physical security system.