b'To build an effective information security program, organizations and leaders need to take seven essential steps, including updating a risk assessment, says consultant Tom Walsh.'