What should senior executives be asking?

CEOs and boards especially at leading organisations should be constantly covering cyber security as part of their agendas. So there are a number of crucial questions that should be being asked:

Who’s developing and maintaining our approach to this matter? And who’s responsible for that person/department?

What information/assets are most critical and what “value” is at stake if breached?

How have we promised to protect our customers and partners?

How does our history fair in cyber security? Do we need to work more with customers and partners to show that we can protect their information?

Have we got suitable measures and business processes in place to ensure critical information isn’t released at all levels?

Are we continuously evolving to protect our organisation from new threats?

Are we working with other organisations within our industry to ensure that we work together to reduce cyber threats?

Are we working with governing bodies and/or the government to reduce these threats?