If we intend to minimize the risk of a successful attack, we must accept cybersecurity as an ongoing, evolving, relentless effort that requires diligence and discipline. And we have to throw more money at it, too.