We are evolving into a new stage of cybersecurity. We are entering the age of chaos, where small intrusions can have large secondary and tertiary effects never thought possible—with outcomes which impact our global institutions, businesses and geopolitical stability. The industry is shifting from focusing on cybersecurity as a technology problem, to cybersecurity as a business problem. Organizations must look at how their strategy changes when the objective is to plan for chaos, instead of anticipating its arrival.