At present we know that cybersecurity is not the subject of an area of the organization or the tools in which it is invested, cybersecurity is maintained as long as all members are aware of the risks to which the organization and the information they handle is exposed. This awareness should not be given only for operational areas or for employees who handle more information in their daily activities. Awareness must start from the highest and most important area of the organization so that your value awareness can be better replicated within the organization. Additionally, if you have a well-aware Senior Management, making decisions related to the investments that must be made in cybersecurity will be better informed and will be better understood by those who make the decisions within the business.