Cyber Security plans cannot be accomplished with SEC check lists. A complete understanding of the major components of a Cyber Security Plan is essential. Valuing a breach and understanding the ROI for cyber defenses is a difficult task and one size does not fit all. Once the plan is defined, risk mitigation discussions should begin. Technology is no longer an expense item, it’s a strategic asset.