Please annotate and comment on strategic management of cybersecurity risks.

The ultimate purpose of strategic management is to enable companies to achieve their strategic objectives and corporate purpose. Forces of change in information technology and the ever-increasing and complex nature of cybersecurity threats facing organizations create major challenges for understanding how to identify, assess, and manage these risks and opportunities as part of the strategic management processes of an organization. Research at the Strategic Risk Management Lab at DePaul University was presented at the 2019 American Accounting Association annual meeting describing a process for assessing and managing cybersecurity risks as part of the strategic management of an organization using a strategic risk assessment process. A strategic risk assessment process can be used to assess and manage cybersecurity risks and to develop a cybersecurity risk profile that includes readiness as a primary element. (For more on the assessment process, see "The CFO and Strategic Risk Management," Strategic Finance, January 2021.) Darren S. Guccione, CEO and cofounder of Keeper Security, a leading cybersecurity software company, shares his insights on how companies assess and develop readiness capabilities in order to assess, measure, and mitigate cybersecurity risks