Cyber security involves protecting organisations from cyber risks, the threats to organisations caused by digital technology. These risks can cause direct damage to revenues and profits as well as indirect damage through reduced efficiency, lower employee morale, and reputational damage. Cyber security is often thought to be the domain of specialist IT professionals however, cyber risks are found across and within organisations. Unfortunately, many managers outside IT feel they are ill equipped to deal with cyber risks and the use of jargon makes the subject especially hard to understand. For this reason cyber threats are worse than they really need to be. The reality is that the threat from cyber risks is constantly growing, thus non-technical managers need to understand and manage it. As well as offering practical advice, the author guides readers through the processes that will enable them to manage and mitigate such threats and protect their organisations.