The obvious equation people think of is: cyber = tech; however, rarely is that the case. Cyber security is as much, if not more, about culture, human behaviour and training as it is technology.

Simply building strong walls to try and stop the "bad guys" is not enough.  Simply put, no wall can be built to withhold all attacks, and still allow the business it is protecting to function.  Therefore, businesses need to look to a wider, more comprehensive set of controls to help protect themselves - including how they react to an incident.

There is not a "one size fits all" solution to cyber security and it is essential that businesses of all shapes and sizes take a close look at what they currently do, what their risks and exposures are and how they then address any gaps through remediation.

If the first step is to start thinking of cyber not just being a "tech problem," the second step should be for businesses to conduct an independent security assessment of their current environment so that they can decide how and where to take action.