This document provides a list of 7 questions that CEOs should ask about cyber risks to better understand their company's exposure and preparedness. The questions address understanding the current cyber threat level and impact, ensuring executive leadership is informed, evaluating how well the cybersecurity program incorporates standards and practices, learning about typical cyber incidents detected weekly and protocols for notifying leadership, assessing the comprehensiveness and testing of incident response plans, and determining needs for additional cybersecurity training.