How we should approach making cyber policies with not a lot of predictive knowledge is to make sure that every cyber attack is properly recorded and monitored by someone. By following the trends of attacks, new ways on how to approach threats can be more easily dealt with and predicted. By learning what could be the cause of a threat for example there is a website that employees are using that is not apart of the companies trusted list and actually contains malware, the company can make new polices on a strict list that the employees should be using to complete their tasks. By also following trends on why it happened the company could implement some cyber training to spread awareness throughout the office so that people can fully understand what they are doing and how will it affect the company.

By learning from our mistakes we can implement better ways on how to solve cyberattacks.