We’ve learned that business leaders that oversee the IT department – usually CFOs or COOs, but sometimes the CEO – often lack the technical background to know what to ask that IT leader to get a true sense of their organization’s technical health.
Below, we provide a helpful list of 20 foundational questions those business leaders can use to start bridging that gap.
First, though, a little background…
Your IT leader’s life is hard: he or she receives help requests at all hours of the day and night, is struggling with the volume of daily employee support requests and finds it hard to ever truly go on vacation.
Meanwhile, the IT director doesn’t have time to keep up with the latest tools, trends and threats. This person typically isn’t going to volunteer what he is struggling with or what parts of data and network security he could use some expert help with, either.
This combination – the overworked IT leader paired with the non-technical business leader – leads to some of the most vulnerable networks we see from a cybersecurity perspective. Despite the company trying to do the right thing by investing in IT, it is often just as exposed to hackers as the small business around the corner with only the most basic cybersecurity measures in place.
As a firm, this is where we add our biggest value.
Rather than hiring an inexperienced technician to help the IT leader’s workload – while solving none of the foundational issues that are putting company data at risk – savvy businesses make us their next “hire” in the IT department.
Usually for less than the cost of one FTE, we supplement that IT leader, fill in around his or her gaps and co-manage the environment, instantly giving your organization an entire IT department as a result.
Need daily helpdesk services? Only elevated support for more challenging issues? Strategic planning and IT leadership? A tech stack of the most modern tools for threat prevention, email filtering, backup and more?
The ways to customize our services to fit alongside your IT leader are endless. Contact us to learn more about our supplemental (co-managed) services, of course, but now let’s get back to that checklist.
The foundational questions in our new, free download are meant to help business leaders have more meaningful dialogue with IT. Here’s a sample of the subject areas and kinds of questions you should be asking your IT leader about regularly:
Incident Response
- If a bad actor were to gain access to our network, how would we know?
This question addresses the critical need for robust threat detection. Simply having defenses isn’t enough; the business must be able to identify when those defenses have been breached. Without effective monitoring, intrusion detection systems and behavioral analytics, an attacker could reside undetected in the network for extended periods. This allows a hacker to cause immense damage by stealing data, deploying ransomware or through email compromise tactics, leading to severe financial and reputational harm before anyone is even aware.
- What are our procedures for identifying and responding to security incidents?
MFA significantly enhances security by requiring multiple verification methods, making it much harder for attackers to gain access even if they steal passwords. C-level and IT leaders should never exempt themselves from MFA requirements because they often hold privileged access to critical systems and sensitive data. Its absence represents a major vulnerability that could lead to catastrophic breaches.
Data Backup & Recovery
- How often do we back up critical data?
The frequency of data backups directly impacts the maximum amount of data a business can lose in a disaster. Infrequent backups mean greater data loss and longer recovery times, leading to significant operational disruption for both employees and clients. Knowing the backup schedule ensures alignment with the business’s tolerance for data loss and maintains continuity.
- Where do we store our backups and how are they protected?
The location and protection of backups are vital for their integrity and availability. Storing backups securely, offsite and in an immutable array protects them from the same disaster that has taken down the primary data source, be it fire, flood, ransomware or similar. Without secure and geographically diverse backup storage, the entire business could be crippled by a single event, sometimes making recovery impossible.
-
Do we regularly test our backups to ensure they can be restored?
Untested backups provide a false sense of security. A backup is only useful if it can be successfully restored when needed. Regularly testing backup restoration ensures that your organization can recover from data loss events without surprises or delays, and helps identify issues with backup processes before a crisis occurs.
…to get the full set of these questions, plus a useful checklist any C-level leader can use during the next one-on-one with the IT Manager, use the form below to get your copy of this handy tool.
Truly, why not take advantage of this free resource?
The topic areas we cover in this report include:
- Network Maintenance & Security
- Employee Awareness
- MS 365/Google Workspace Security Settings
- Access Control
- Incident Response
- Data Backup & Recovery
…and a lot more.
Why wait? Get your copy today!
