Two Companies Walk into a Bar: Cyber Risk for the C-Suite