In the past, security measures were often deployed in reaction to an incident or a likely threat, but today’s corporations are expected to integrate multiple layers of security into a coherent and preventative framework. Risk management principles and practices developed during the last decade can be of assistance; however, they require corporate boards to take ownership and lead the initiative. The board’s primary responsibility is to provide vision, strategic oversight, and support to a corporate defense program designed to safeguard stakeholder interests.