Cybersecurity should be a concern shared by an entire organisation, not just IT teams. But many executives shy away from the topic because they think it's too technical or complex for them to understand. There are definitely cybersecurity questions executives should ask to ensure they are armed with the right information to address issues that are making their organisations more vulnerable to attacks. Here are three of them.
Australia has become a popular target for cyberattacks. So much so, that the Federal Government has invested $230 million to ward off cybersecurity threats as local organisations are increasingly under threat.
In order to assess their cybersecurity risk, organisations need to know the value of their data, who can access it, where it is stored, how it is protected and how well. This will give leadership teams a better understanding of how they are managing cyber risk, according to IT security vendor Palo Alto.
Palo Alto said there are three critical cybersecurity questions leadership teams should ask:
- Have we identified the right risks for our company and customers?
- Are we managing those risks effectively, keeping in mind that compliance and more spending on security does not equal security?
- Do we have plans and capabilities in place to respond swiftly to an incident, and do we regularly test those plans?
These questions came from the book Navigating the Digital Age: The Definitive Cybersecurity Guide for Directors and Officers by Telstra's former Head of Cyber Influence Rachael Falk and Telstra CISO Mike Burgess.
Palo Alto vice-president and regional chief security officer Sean Duca said:
“Once leadership teams have a clear understanding of their organisation’s risk appetite and how well they’re managing cyber risk, they need to gain assurance from IT teams that any gaps will be remedied and that appropriate technologies will be implemented. It’s important that they ask strategic questions to cut through the veneer of mystery that surrounds cybersecurity issues."
Do you have a question that you think should be on the list? Let us know in the comments.