Given the Board of Director's interest in understanding cyber security and IT risk management in general; CIO's should add a strategic objective focused on IT risk management. Read this chapter from CIO Leadership Insights to learn about a proven model for identifying and managing IT risks.