Revised DOJ compliance guidance offers risk-management lessons for cybersecurity leaders