If you don’t have a cybersecurity background, but wanted to have a discussion with those that do, the U.K. National Cyber Security Centre details five questions board members should ask their organization’s chief information security officers about cybersecurity preparedness:

  1. 1. How do we defend the organization against phishing attacks?
  2. 2. How does the organization control the use of privileged IT accounts?
  3. 3. How do we ensure that the organization’s software and devices are up to date?
  4. 4. How do we make sure partners and suppliers protect information the organization shares with them?
  5. 5. What authentication methods are used to control access to systems and data?

Take some time to check out the center’s site for some great information, which includes potential answers you’d receive to these questions.