Fast changing technical and regulatory factors make cyber an unpredictable risk, but with more experience and better tools, the threat can be made more manageable.