With the rapid advancement of technology, new ideas and innovations are introduced on a regular basis. As a result, individuals should approach the development of cyber-policy and infrastructure as a means of familiarizing themselves with the material and taking action early to prevent future attacks. Organizations, on the other hand, must take action and comply with certain security standards in order to avoid certain types of breaches or attacks. Most breaches are unpredictable, so companies have no way of knowing when or how they will happen, as Jones described when he gave the definition of the “short arm of predictive knowledge in technology,” which he defined as “there being no definitive way to determine future technological developments.” Along with enforcing security standards, organizations should also educate their employees about cybersecurity threats and policies so that they are prepared if an attack occurs. The corporation cannot just create policies without enforcing them. Overall, developing a policy for an area that is always evolving and not knowing what will happen until it has already happened is difficult.