Daily news reports of cyber data incidents serve as a constant reminder of the growing cyber risks that companies face. According to the Identity Theft Resource Center, there were 781 data breaches reported in 2015 alone, compromising nearly 170 million private records. As these numbers continue to skyrocket, the question for executives and risk managers has become not if you will experience a data breach but when. Response tactics aside, just wrapping your head around the risks and developing a strategy in a changing environment present their own significant challenges.