Security requires more than software. It demands ongoing attention. Without that attention, your business faces constant risk of loss.

To figure out if your business’ security is getting appropriate attention, I offer you four simple questions to ask your IT security folks. Their response will tell you a lot about how safe your business really is.

1. When was the last time you think we were attacked?
2. If we do get breached, how will you know where the hackers got in?
3. Who’s responsible, from a security perspective, for monitoring all the logs generated from our devices?
4. How often do we do a vulnerability assessment?

If you get vague answers or outright I-don’t-knows, your security plan needs work. Right now.

And if you’re worried about security conversations becoming too technical, remember this: Security is as much an operational concern as a technical one. For example, determining if someone could download your entire customer database to a thumb drive and walk out the door requires a security conversation.

A trusted advisor can help you translate your real-world concerns into an actionable plan to protect your business.