The document discusses the need for businesses to update their cyber security policies due to shifts in communication technologies and regulations. Real-time communication apps now dominate personal and work communications, exposing businesses to new threats. Regulations like the EU's GDPR also extend security requirements. The document advocates developing clear, multi-layered cyber security policies that recognize cyber criminals operate via value chains and that reasonable protections are needed to comply with regulations and withstand legal scrutiny if breached.