A mid-sized enterprise has recently experienced a cybersecurity breach. The management decides to implement the Cybersecurity Maturity Model to systematically enhance their security posture and prevent future incidents. As the organization begins to implement the Cybersecurity Maturity Model, what should be their first step to effectively strengthen their cybersecurity framework?