Cybersecurity is in the news and for good reason. Many of us have experienced firsthand what cybercriminals can do with our credit card numbers and our personally identifiable information being sold on the black market. In government, though, the stakes are higher. So it shouldn’t be a surprise that cybersecurity is on GAO’s High Risk List. Vulnerabilities abound in today’s technology-dependent world, and cybercriminals excel at exploiting weakness. Fortunately there are weapons organizations can deploy to fight back, and they fall into three main categories: people, tools, and data.