Cybersecurity should be aligned with organizational governance. This drives the right type and level of information security governance, incorporating risk and compliance management, and can guide prioritization of resources and investments.