12. Alissa Ponchione, “CISOs: The CFOs of IT,” CFO, November 7, 2013, ww2.cfo.com/technology/2013/11/cisos-cfos/.
13. Matthew J. Schwartz, “Target Ignored Data Breach Alarms,” Dark Reading (blog), InformationWeek, March 14, 2014, www.darkreading.com/attacks-and-breaches/target-ignored-data-breach-alarms/d/d-id/1127712.
14. Elizabeth Weise, “Chief Information Security Officers Hard to Find – and Harder to Keep,” USA Today, December 3, 2014, www.usatoday.com/story/tech/2014/12/02/sony-hack-attack-chiefinformation-security-offi cer-philip-reitinger/19776929/.
15. Kelly Kavanagh, “North America Security Market Forecast: 2001–2006,” Gartner, October 9, 2002, www.bus.umich.edu/KresgePublic/Journals/ Gartner/ research/110400/110432/110432.html.
16. Sean Brodrick, “Why 2016 Will Be the Year of Cybersecurity,” Energy & Resources Digest, December 30, 2015, http://energyandresourcesdigest.com/ invest-cybersecurity-2016-hack-cibr/.
17. Deborah Gage, “VCs Pour Money into Cybersecurity Startups,” Wall Street Journal, April 19, 2015, www.wsj.com/articles/vcs-pour-moneyinto-cybersecurity-startups-1429499474.
18. PWC, Managing Cyber Risks in an Interconnected World: Key Findings from the Global State of Information Security Survey 2015, September 30, 2014, www.pwc.be/en/news-publications/publications/2014/gsiss2015.html.
19. OWASP, “OWASP Risk Rating Methodology,” last modified September 3, 2015, www.owasp.org/index.php/ OWASP_Risk_Rating_Methodology.