As companies brace themselves for a long road of spikes in cyberattacks and rapidly changing regulations, many are forced to look beyond their IT department to help with their cybersecurity strategy.