User:Shawndouglas/sandbox/sublevel3

You've also managed to identify what regulations affect your organization's operations, as well as who would be most affected by cybersecurity incidents. This and other areas are where you turn to identify your external stakeholders. While the identities of internal stakeholders are fairly easy to discern, determining external stakeholders can be a bit more challenging, and it will vary slightly depending on the nature of your business. A forensic science laboratory, for example, will have to consider the likes of federal agencies as stakeholders for reporting and accountability of sensitive data, whereas a public library addressing cybersecurity would have quite different external stakeholders. Be sure to look beyond government to software and equipment vendors, customers, and investors.