Cybersecurity professionals often refer to cybersecurity models as an onion. Like all onions a mature security program has implemented multiple layers of technical controls.

Here are four ways to identify IT risks: penetration testing, automated monitoring systems, user behavior analytics, education, and cybersecurity awareness.