PWC names 5 activities that define a holistic approach to a company's cyber risk management. By understanding and leveraging the CSF, boards can play an active role engaging with security leadership and company leadership about the company’s cybersecurity strategy and its effort to build cyber resiliency.