Cybercrime is pervasive because of its sheer profitability. In 2008, consumers lost over $8 billion as a result of viruses, spy ware, and phishing. In 2008, President Bush signed a directive implementing the Comprehensive National Cyber-Security Initiative (CNCI), the U.S. Government’s effort to secure cyberspace. The Department of Homeland Security (DHS) was tasked with the lead role in fulfilling the directive. In order to secure government agencies’ computer networks, DHS set out three major public priorities addressing issues in access points, data traffic, and security protocol. In addition, the creation of an assistant to the President for cyber-security who directs the Nation’s cyber-security efforts is envisioned. However, many industry and government experts agree that for organizations to be effective in mitigating cyber attacks there needs to be a coupling of technology, awareness, and education to change the way government and industry employees approach cyber-security. Public-private institutes, think-tanks, and industry associations are taking a lead in crafting and developing cyber-security policy and standards. In 2008, the Cyber Secure Institute was founded. In summary, there is the need for a cultural change in approaching the cyber threat.