“Cybersecurity is a board-level responsibility, and board members should be specifically asking about ransomware,” says guidence from the NCSC.
Article Link: Ransomware: Five questions you need to ask about your defences, before you get attacked | ZDNet