Cyber security has long been the concern of CIOs, CISOs, and compliance officers. It was a regulatory obligation for many boardrooms - tick the box, demonstrate due diligence, and move on.