11 Cybersecurity Questions Smart Company Leaders Are Asking

Business people plan

Every growth-minded company leader has an endless stream of business technology questions rolling around in their heads. The way we do business is continually changing, and keeping pace with technology and cybersecurity seems nearly impossible at time. Strategic leaders feel the pressure to stay ahead of the business technology change curve.

Let’s take a look at 11 technology questions about responsible company safeguards that we hear often. How many of these sound familiar to you?

For each question, we’ve included a short why this matters discussion starter. Each question could take us down some deep knowledge-sharing paths, but we want to help you answer – not compound – these common questions.  

Each point is the beginning of the conversation you should have with your internal team and outsourced business technology partners.

These are wise questions to ask with clear answers and solutions you can begin implementing today.

Ready to get started?

1. How can we prevent, or at least do our best to control, access to and sharing controversial or inappropriate content?

Why This Matters Discussion Points

Allowing an employee to view offensive, explicit content happens more often than you might think. Quite frankly, we were dumbfounded to discover that company leaders know this openly occurs in their offices, and they do nothing to stop it. This should not be dismissed with a shrug in any company. Ever.

The same is true for political, religious, and ideological content.

Companies are at risk for hostile work environment claims when an employee finds content offensive.

And then there are your clients and customers. Imagine what they will think about your company when a piece of offensive content lands in their inbox.
Just don’t.

The Quick Action Answer

  • Implement the reliable DNS content filtering tools that give you the ability to implement rules and enforce safe internet usage.
  • Clearly define the unacceptable content for you company
  • Communicate the unacceptable criteria to your IT people responsible for implementing the rules
  • Continually monitor and modify the rules to ensure compliance. Websites and online content is constantly changing so ongoing attention is a must.
  • Adopt an acceptable content company policy

  • One Minute Plain English Explainer

    What is DNS Content Filtering?

    2. Should we adopt a company policy that addresses internet usage?

    Why This Matters Discussion Points

    See #1 and cyberinsurance carriers look to your risk management policies in the event of a breach. A written, consistently enforced policy is an essential part of your overall cyber risk management toolkit.

    The Quick Action Answer

  • Yes.
  • Implementing policies and procedures can always feel heavy-handed. Internet usage is such a basic part of our daily lives that attempts to restrict usage can be viewed by employees as controlling. When employees understand why these boundaries are in place, they will accept – and appreciate – the purpose behind them.

  • 3. How do I know what websites our employees are visiting?

    Why This Matters Discussion Points

    See #1 and #2 and websites are a hotbed of malware. Visiting a website is a prime source of unseen malware infections. Visitors only need to land on a web page to expose themselves to an unwanted malware download.

    It is a common misunderstanding that malware is avoided when a user doesn’t download anything from a website. This is no longer the case. Malware can be triggered as soon as the webpage is loaded.

    The Quick Action Answer

    Do #1

    4. Is everyone as productive and effective as they can be?

    Why This Matters Discussion Point

    Who hasn’t fallen into an online rabbit hole only to resurface after far too much time has been spent?

    We’re all in favor of flexibility and giving your team room for creativity and initiative. A rigid, time-clock mentality is a surefire way to lose valued employees, destroy trust, and discourage exploration.

    How do you define productivity?

    The Quick Action Answer

  • Every company leader needs to decide how much time they want to invest in researching, exploring, and learning. This is the first step in answering the broader productivity question.
  • See #5, #6, and #7

  • 5. Should we be replacing desktops and laptops as often as we are?

    Why This Matters Discussion Point

    In addition to the obvious equipment expense, there are substantial costs often overlooked.

    New equipment needs to be setup. Someone is doing the hands-on work to setup, test, deliver, and respond to the inevitable “this is missing”, “this doesn’t work” user requests.

    Old equipment needs to be carefully wiped clean, software licenses removed, and equipment properly disposed of.

    Users are inconvenienced and lose valuable productivity time. (See #4).

    These all are hidden costs.

    More importantly, too-frequent equipment replacement can be prevented. Equipment is often replaced when it becomes slow, not when it fails because of aging components. Performance becomes a problem when a desktop or laptop has hidden malware running on it. IT is quick to run malware detection software to find and remove malware. Unfortunately, persistent malware is becoming smarter. It can often remain undetected by most commercial tools.

    The Quick Action Answer

  • Implement modern proactive security tools to detect and block malware before it ever reaches a computer.
  • Discover the difference between reactive anti-virus solutions and proactive advanced security tools.
  • Implement a proactive monitoring solution that identifies and prevents unwanted access to your company's devices.

  • One Minute Plain English Explainer

    What is Advanced Endpoint Security?

    6. Why do our employees complain about slow equipment? It's not that old.

    Why This Matters Discussion Point

    See #5.

    The Quick Action Answer

    See #5.

    7. Why is our internet so slow? We need a reliable connection for our business and pay for high speed access.

    Why This Matters Discussion Point

    A 2022 IBM study found that malware lives on a local network or device for 287 days before it is detected and remediated. Unknown to you, for 9 months malware is quietly gathering the data it wants from your computers and sending it to servers somewhere in the world.

    How is this data being sent? You guessed it – your internet connection.

    If you have employees working from home or remotely accessing your company’s network, data, or applications, you open another door to unwanted access.

    The Quick Action Answer

  • Implement modern proactive security tools to detect and block malware and unauthorized access before it ever reaches a computer.
  • Implement a company internet usage policy to enforce responsible website access.
  • Implement a network framework that addresses all access points.
  • Implement a company remote work policy.

  • 8. How do I know if our employees are using apps or software that we haven't purchased or approved?

    Why This Matters Discussion Point

    Shadow IT, as the use of unapproved technology is called, is a broad topic. Because it affects several important aspects of your company, we’ve created a short eBook to start the conversation.

    The Quick Action Answer

  • Adopt and actively enforce a company software policy.
  • Adopt and actively enforce a company bring your own device policy.
  • Adopt and actively enforce a company use of company equipment policy.
  • Implement advanced security tools that will identify and report new software running on company devices.
  • Maintain a software inventory to ensure accurate licensing.

  • One Minute Plain English Explainers

    What is Shadow IT?

    What is a Software Inventory?

    9. What should we consider with employees using their own devices for company business?

    Why This Matters Discussion Point

    The use of employee-owned equipment introduces another opportunity for loss of company data, access by unauthorized users, shadow IT, and gaps in network security.

    If employees work from home or at a remote site, who has access to the equipment, login information, or simply looking at proprietary information?

    The Quick Action Answer

  • Implement a bring your own device company policy.
  • Make sure your internal IT team or outsourced IT provider fully understands the policy and actively manages it as part of their regular activities.
  • Implement employee onboarding and offboarding checklists that include device management

  • One Minute Plain English Explainer

    What is User Access?

    10. Should we know the passwords on employee-owned devices if they're used for company business?

    Why This Matters Discussion Point

    Any time employees are accessing company resources – the internal network, a third-party web server, an application running anywhere, email, you get the idea --- they are exposing your company to unauthorized user access, compromised data, and access to customers.

    As the company leader, you are responsible for the security and safety of these valuable company assets. It is only good business practice to enforce password policies and maintain access to an employee-owned device at any time.

    The Quick Action Answer

  • Yes.
  • Adopt a company password policy and make sure your IT team or outsourced IT provider is actively implementing the policy.
  • Implement a password management tool that is actively maintained by a trusted IT team member.

  • 11. If I don't have employees, what security concerns should I have?

    Why This Matters Discussion Point

    If you have an internet connection anywhere, then you are just as exposed to prying eyes, malware, and the potential for business risks as a company with employees. You simply don’t have the added responsibility of building team awareness.

    The Quick Action Answer

  • Treat your company as if you had a team of employees to continually teach and encourage responsible technology use.
  • Implement the advanced security tools on your desktop, laptop, and mobile devices.
  • Be aware of risks with wi-fi, public internet usage, and home equipment security.
  • Engage the services of an experienced business technology partner to uncover what you don’t know.
  • Practice responsible business technology use. As you add employees in the future, you will have the infrastructure in place.

  • One Minute Plain English Explainers

    What is a Home Network?

    What is a Simple Business Network?

    Thanks for Visiting Us on Thursday

    You're in business to grow and deliver what your customers and clients want most from you.

    You've come to the right place.

    Join our community of curious learners and business leaders. We talk information, knowledge, tools, and resources to help you and your business thrive.

    Tags: Technology Strategy

    . . .

    Linda Rolf is a lifelong curious learner who believes a knowledge-first approach builds valuable client relationships. She is fueled by discovering the unexpected connections among technology, data, information, people and process. For more than four decades, Linda and Quest Technology Group have been their clients' trusted advisor and strategic partner.

    Linda believes that lasting value and trust are created through continuously listening, sharing knowledge freely, and delivering more than their clients even know they need. As the CIO of their first startup client said, "The value that Quest brings to Cotton States is far greater than the software they develop."

     Our Partner Promise

    Quest Technology Group
    315 E. Robinson Street • Suite 525
    Orlando, FL 32801
    Phone: 407 . 843 . 6603


    © 1991-2024 Quest Technology Group, LLC All rights reserved. Your Privacy Matters