The document discusses challenges and solutions for corporate cyber security. It identifies increased sophistication of adversaries, regulatory compliance risks, and risks of new technologies as external challenges. Internal challenges include disparate risk functions, misaligned risk appetites, and insufficient resources. Solutions proposed are establishing a full-scoped computer security incident response team, implementing a unified compliance framework, conducting forward-looking security research, forming cross-functional risk committees, and developing security metrics. Quick wins identified are establishing a CSIRT, cross-functional risk committees, and implementing security metrics.