Our Chief Technical Officer, Mike Dillon, estimates that the number of infected sites is growing by 20% to 25% a year. “If your company is shifting more toward cloud services and hasn’t addressed security, you will be attacked,” he says.

So here are the (non-technical) questions you need to ask and get answered to protect your business:

1. What kinds of security capabilities do we need built into our network architecture to: Ensure confidentiality and integrity while data is being transmitted or stored? Safely access data remotely and via mobile devices?
2. What’s required to secure data, applications, systems, and networks as we scale them up?
3. What’s required to monitor applications, systems, and networks for breaches?
4. What’s required to prevent breaches?
5. How do we want to respond when a breach occurs?
6. How would we evaluate the effectiveness of our security?
7. Are we complying with relevant regulatory requirements and industry standards?
8. What’s required to securely leverage cloud services?
9. What’s required to handle threats of malware and data leaks posed by use of social networking?

Security isn’t just a technical issue. C-level people must be the ones who decide what’s valuable to the organization and how that value should be protected.