Many security predictions paint a doomsday scenario where a crippling cyberattack will leave us all reeling from its effects or Supervisory Control and Data Acquisition (SCADA) systems vulnerabilities will be exploited to play havoc with our national infrastructure. While these threats are real, the probability of such events happening is unknown at worst, and low at best. On the other hand, prudent CISOs around the world are building their 2009 strategy based on the current economic climate, changes in the technology landscape, and most importantly, to meet and exceed the business expectations.