In cybersecurity, so many times the wrong questions are being asked. Case in point. Executives are notorious for asking IF their organization is secure, rather than HOW secure are they. It is a subtle difference but an important one. The question frames the problem and therefore defines how it will be perceived and answered.

Cyber security cannot be properly described in terms of yes or no. The crux of the dilemma…