The National Cyber Security Centre (“NCSC”) published five questions for board agendas. The questions, accompanied by a list of possible answers, are aimed at promoting constructive dialogue between board members and their IT teams on cyber security risks and what can be done to mitigate them. They are intended to form part of a wider toolkit, which the NCSC plans to publish later this year. The campaign has been designed to encourage boards to engage with the technicalities of cyber security so that they can better understand what is required from a constantly evolving threat.