From PwC, here are the top 10 questions your CEO should be asking you:
- Who is accountable for protecting our critical information?
- How do we define our key security objectives to ensure they remain relevant?
- How do we evaluate the effectiveness of our security program?
- How do we monitor our systems and prevent breaches?
- What is our plan for responding to a security breach?
- How do we train employees to view security as their responsibility?
- How do we take advantage of cloud computing and still protect our information assets?
- Are we spending our money on the right things?
- How can we ensure that we comply with regulatory requirements and industry standards in the most cost-effective, efficient manner?
- How do we meet expectations regarding data privacy?
This article provides a paragraph or two on each one of these questions.