Are you putting cybersecurity first? 7 questions you should be asking