17 January 2023

Cybersecurity Debt

Cybersecurity Debt

We are all familiar with the concept of technical debt (more here), but I think it is time that we start talking specifically about cybersecurity debt.

The quick version: all these little things you are not doing pile up together and transform into a dumpster fire. This specifically harder for Small and Medium Enterprises where time and dollars are stretched all the time, but like technical debt, cybersecurity debt eventually catches up. The difference is in scale: a long downtime (technical debt) can be embarrassing but having all your employee or customer data put up for sale on the dark web (cybersecurity debt) can be a business ending event.

The good news is that many of the things you can do to get started are free (more here). I also want to take a special look at Multi Factor Authentication (MFA): 2023 needs to be the year that employers tell employees to just suck it up. MFA is not perfect, it does make logins a bit longer sometimes, but it makes a big difference in the end, so just do it.

The second good news is that the more advanced tools that can make a big difference are more affordable than they have ever been (more here). Our Cybersecurity 201 goes into more details on some the other things you do that really make a difference.

*** WARNING: sales pitch *** We would like to talk with you to understand how we can help you become more cyber resilient, if you are a Small or Medium Canadian Enterprise (public or private), we will even throw in a 30 min Ask Me Anything session with a Cybersecurity Expert where you can ask all your cybersecurity questions (even the ones you’ve been afraid to ask), just click here.

As always, looking forward for feedback and comments.

Image credit: https://www.amazon.ca/100-Soft-Dumpster-Vinyl-Figure/dp/B09FFRCM49/

Get the Cybersecurity Risk Assessment Checklist

Subscribe and Get The Latest News

Related Posts

Now that it is becoming clear that blocking 100% of cyber attacks is not possible, that prevention, damage control and a recovery plan are the most efficient strategies: Managed Detection and...
There was great feedback and some questions about our Cybersecurity 101 blog, this 201 blog will answer those and help you to continue improving your cyber resiliency. The assumption here is that you...
SIEM can make the difference between stopping an attacker while they get started vs after they've setup their entire plan, but how much should it cost?