Do you know what data is critical to your organization?

Do you know where your most critical data is stored?

How long must your data be kept confidential?

Do you know who has access, control and sharing rights to the sensitive data?

Do you know how likely it may be that your critical data could be leaked?

Is your environment an open or closed ecosystem?

Which of the following data policies do you use to classify and label personal and sensitive data?

How long is your product development and production cycle?

How long are your products supported in the field?

Do you utilize a PKI in your IT network?

Are you aware of the post-quantum technology timelines and the true impact they will have on your organization's cyber security?

How crypto agile do you consider your organization?

To what extent is your organization prepared for cyberattacks and new threat actors who might emerge once post-quantum computing becomes a reality?

How certain are you that your current policies and procedures are effective at protecting the organization from both internal and external threats?

Do you have any breached data that is encrypted but still requires a long shelf life for confidentiality?

In the event that you need to replace non-agile IT systems, what is the length of your IT horizon?