How should we approach the development of cyber-policy and -infrastructure given the “short arm” of predictive knowledge?

Cyber attacks are on the rise and it becomes ever more important for companies to really assess what kind of cyber protection they have and take a deeper look at potential vulnerabilities that can hurt the company. Other than having insurances in place to help lower the damage, it is rather difficult to develop such policies as technology is constantly evolving. With the rate at which new software and hardware are being released it can only be assumed that people that hack and steal will find flaws in the new developments and exploits it for personal gain. When developing new policies dealing with cyber crime it is important to understand risk assessment. There’s a number of factors a company would need to look at such as how important the customers information is. In terms of how to prepare for an attack. unfortunately with the technology available to us today it is more about when the attack is going to occur rather than if one is going to occur. Most attacks are going to be fairly unpredictable and hard to track who the offender is since it is likely that the company would have no knowledge of it coming or where it is coming from. Preparing for everything is the best you can do and then learn from an attack after it has occurred. Preparation is key in defending against cyber attacks some ways to prepare are: regular scans of your computer using an anti-virus software, setting up private networks for your devices, and keeping passwords personal and not writing them down anywhere. Overall, it is just plain difficult to develop policies for a field that is constantly changing over the years and not exactly knowing what is to come until it has already happened.