Foundational Before You Buy Another Security Tool: Fix Governance and Process Cybersecurity leaders focus first on governance and risk identification, then on tool-agnostic and repeatable processes, and then on implementing tooling.