While an executive or board member has every right to ask about a company’s cybersecurity posture, the problem is that CIOs generally do not have the metrics necessary to answer the most cutting inquiries, namely: “Are we spending enough on cybersecurity?” or “Do we have a reasonable cybersecurity program in place?”
So, you are a “not for profit or nonprofit” organization and things like planning, budgeting, and engagement are key to providing dependable, discreet, private and comfort to those you serve. The question you should ask yourself is that; does my current IT Service provider understand that? Are they your strategic partners in BT? BT= Business and Technology.