The cybersecurity industry, as a whole, is invested in selling solutions that reduce the most general security issues, not solving your company’s specific problems or the problems that will hurt you the most! So there’s a lot of snake oil--or maybe not snake oil, but solutions that don’t fit the problem. Maybe they are over-engineered, or maybe they don’t do what they’re supposed to. So executives and board members need to look out for that. How do they navigate this, then? What should they do? Let’s focus on the board here. Because, really, the board has a different role here then the business leaders within the organization. What is the board’s role in finding the right cybersecurity advisor or solution?