In the current turbulent environment, many organisations are prioritising risk management as never before. However, according to the newly released Global Risk Report 2016, organisations are still not fully internalising cyber security risks. Despite cyber‐dependency being stated as one of the most important trends shaping global development over the next 10 years, organisations are only just waking up to the technological risks involved.