We don’t need to read Threatbutt’s "2016 Danger Zone Incident Report" to understand that we are getting our asses handed to us. To make matters worse, pundits shout down from their ivory towers that breached organizations should have “done the basics.” Doctors prescribe the basics as well: maintain a healthy weight, eat fruits and vegetables, and exercise five times a week. Does that mean these basics are easy for us to do? No of course not. In this keynote, Rick will use personal health analogies to explain why our cyber security programs are in desperate need of an intervention and what we can do about it.