The methods and tactics used by the advanced persistent threat attackers are explained at a non-technical level to enable the business executives to understand the enemy and evaluate their organization's posture against it. While stay a non-technical level demonstrations are provided to have a better grasp on the attacker methods and tools. Managing cybersecurity risks requires a good understanding of governance, regulatory requirements and relevant best practices. Thus, a cybersecurity governance primer is also provided to the participants.