The first discussion began with James Edgar and his roundtable participants unanimously agreeing that the weakest link within cybersecurity is our users. Enterprises must also be mindful of their developers and the potential weaknesses that they could introduce to new products and the system as a whole. However, security professionals also need to be aware of themselves. Are they doing enough to be effective security leaders? Are security professionals shifting from a business-focus risk to an operational-focus risk? In terms of IT/OT convergence, security professionals need to be sure that they are in alignment with the right people in place as they rollout new capabilities and move to the cloud. To help the weakest link—our users—security executives can employ risk management, ensuring they measure their risks and understand where they are on their threshold. Risks should also be quantified as much as possible, so they can be properly explained and reported to the board.