Information technology (IT) has been rapidly developed to provide financial services for customers via the Internet. This service is available 24 hours a day, 7 days a week across borders. On the other hand, technology-oriented financial services may face various cyber risks such as disruption caused by natural disasters and terrorist attacks, impersonation and other events stemming from unauthorized access, and theft or alteration of data. Once these events occur, they can affect not only companies such as financial institutions but also their stakeholders (e.g. customers) and financial stability. These events lead to indirect effects such as lawsuits and a bad reputation losing a sound customer base immediately. Thus, it is critical to enhance cyber risk management in advance before the nightmare happens, in order to enjoy the benefits of IT. This chapter introduces practical methods of enhancing cyber risk management efficiently and effectively with the framework of Enterprise Risk Management (ERM) and Basel Accord II (Basel II). It aims to show how to enhance cyber risk management, as well as efficiency, so that sustainable growth is achieved with a balance between risk and return or risk-adjusted return on equity.