A good cybersecurity approach affects all elements in an organisation: in height (organisational structure) and in breadth (service provision). It is therefore pre-eminently a strategic challenge for the boardroom. The IT department also plays an important role, of course, but the boardroom determines at a strategic level the frameworks for formulating, implementing, monitoring and enforcing the cybersecurity policy in your organisation. The Cyber Security Council organises various activities, advice and guidelines to draw attention to this.