Often times organizations know security controls need to be applied, but the order and meaning for doing so is often dissociated to the businesses needs. In this panel, we will dissect the need for knowing your industry, researching and prioritizing specific threat actors to your business, and creating a meaningful process for applying mitigations to them.