From detecting cyber-attacks to mitigating risk within a hybrid environment