But no matter how much attention (or budget) is lavished on cybersecurity, executives need to understand that getting hacked isn’t a matter of if but when. This is the new normal in cybersecurity, and it changes the approach to preparation and risk management.