Cyber-risk management is about to get easier