The short arm of predictive knowledge, in a sense, is the use of foreshadowing to try and determine what cyber-policies should be put into place based on the possible behavior of attackers. I think this can be a negative in one regard because no one knows everything, especially when it comes to cybersecurity and cyber crimes, even more so if that is the only form of knowledge a organization uses. As soon as an organization for example, thinks they have every risk or threat eliminated, more of them can pop up in an instant, especially if the organization decides to not update their firewall or their systems. Lets say an organization predicts that the next threat will be a malware attack. While the organization may be protected against malware, what if they forget to change their passwords? Because they focused only on malware, and not their passwords, they now could experience a cyber attack if someone is easily able to guess their passwords. However, it is important that policies are always updated and evaluated, as the same goes for infrastructure, in order to prevent said attacks or other forms of security breaches. Having a set cyber policy in essence, can be a stepping stone to help prevent future attacks and also determine what is and what is not acceptable behavior. As mentioned, while predictive knowledge has negatives attached to it, it also has some positives. Using predictive knowledge, while if it is incorrectly used can lead to potentially not focusing on one area, can help determine what type of attacks to prepare for if it is used correctly. If a certain type of cyberattack is currently “the norm”, then the company can prepare for that specific type, but is important to rely on current knowledge too. If an organization possesses a large set of information that contains the current trends and future trends in regards to attacks, then they can help themselves craft a concrete cyber policy. It is also important to have a strong cyber infrastructure as well, which is the network that helps connect systems and files through the cyber world. Having a secure and strong infrastructure is another key aspect an organization must have, and if an organization has both a strong infrastructure and concrete policy, then they are most likely well protected against threats.