Every IT organization accessing sensitive data, regardless of their size, must protect that data. Otherwise, your company is exposed to unacceptable risk. However, since cyber attacks on small and medium size businesses (SMB’s) rarely make headlines, it is easy for these IT organizations to develop a false sense of security. Information security is becoming increasingly challenging as both IT complexity and the threat landscape are evolving at an accelerated pace. During this presentation, I will share my methodology, including key, actionable recommendations to help you meet the challenge and manage your IT risk.