In 2015, we continued to see more major cyber attacks than ever before which in turn put pressure on organizations in every industry to have the right measures in place to protect both themselves and their customers. While most organizations already have some sort of security practices in place, many do not have a complete security strategy for end-to-end coverage. In fact, a recent study found 80 percent of CISOs feel they are not properly prepared for today’s cyber war. This talk will detail three critically important aspects to building a complete, end-to-end security strategy. The first, integrate your organization’s operations and security leaders. By doing so, security leaders gain visibility into operation partners, vendors, and practices which allows them to have a complete view of the ecosystem that needs protection. Second, adopt security intelligence/situational awareness processes. Most companies lack the ability to understand where potential threats reside in their infrastructure, which means attacks, can go unnoticed for extended periods of time before they receive a proper response. Third, make your security strategy your own. No security strategy is the same, because every organization has different business critical data and different operations. Each organization needs to take the understanding of their operations and security needs and then apply it to the necessary security steps appropriate for their company.