Questions about cyber security? Ask your IT team…

In the world of IT, if you aren’t a ‘techie’ you just won’t understand the full implications or scale of a cyber security solution needed to defend your business. To some extent, you don’t need a clear understanding of the technical details, but you should know what your IT team is doing to protect your business. So, whether you outsource IT support, or have in-house an IT department, what questions do you need to ask?

  • What is the top cyber security concern our business faces today?
  • Do we have the right resources to address the most significant cyber security threats?
  • How does the business respond to cyber threats in progress (e.g. malware, hacking and phishing scams)?
  • Would our security logs show such an attack, even if it were unsuccessful in penetrating our IT defences?
  • Do we have a fully tested plan of action if there is a successful attack?
  • If we had an incident then ‘how bad’ could it be i.e. what is the worst-case scenario?
  • As well as external threats, are we protected from risks posed by employees, including, device use, and employee leavers risks? Are our user policies sufficient?
  • Are we vulnerable to third party applications hosted on our network?
  • Is all sensitive data secure (in storage and when transmitted) and backed up routine basis?
  • What do you need to know about the business to help you protect it?

Do you need to do anything with the answers?

Depending on the answers you get from your IT support, you could find yourself with a list of things to be actioned in order to get your business up to speed, or discover you are on top of everything with all bases covered! By asking these questions you can ascertain if your business is suitably protected at a technical level. It will also assist you in deciding upon the correct level of cyber insurance should an incident occur.

Cyber threats are always evolving so revisit these questions regularly to stay informed and prepared.

Modern data: 12 Cyber security questions you should ask your IT team to answer
QBE – Cyber risk for Jelf champions presentation