Security and risk management in the age of disruption