Cybercrime is a growth industry where the returns are great and the risks are low. As such, cybercrime has become the 'new normal' where EY have observed that the 'protect and control' mentality is no longer sufficient. In order to adequately address cyber-breaches, it is necessary for organizations to develop a strong, centralized response framework as part of the enterprise risk management strategy.