The mindset and engagement of executive leadership, and specifically the CFO, to set a culture of security, further enables that organization to take steps to notify and educate all employees of their role in preventing cyberattacks. In the absence of controls, reporting, and enforcement measures, CFOs rely on hope to address their concerns.