The year end episode does some comparing and contrasting of risk management in different areas, including things outside of cyber. Ironically, recorded just a couple days before most of the world learned about a module design choice in Java that suddenly makes logging dangerous, it brings home the point that our cyber threat landscape is complex . Complexity and uncertainty are nothing new for cyber security  and risk management  professionals. Navigating  through those waters despite the lack of authority often afforded those tasked with ensuring an organization's safety adds human behaviour to that complexity.  Tim offers a number of suggestions on influencing action despite competing agendas within the organization.