Cloud computing. Mobile computing and Bring your own device (BYOD). Global collaboration and communication. Big data. Governance, risk management and compliance. Rapidly escalating regulatory requirements. The world is changing faster than we can keep pace. Attackers evolve methods more rapidly than we can develop defenses, amplifying the asymmetric threat. These are, indeed, interesting times. The question is not how to win, but how to survive in the ever-changing risk landscape.