Cybersecurity Debt

Publishded on:- 17 January 2023
  • By Loïc Calvez
  • With 0 COMMENTS
Cybersecurity Debt

We are all familiar with the concept of technical debt (more here), but I think it is time that we start talking specifically about cybersecurity debt.

The quick version: all these little things you are not doing pile up together and transform into a dumpster fire. This specifically harder for Small and Medium Enterprises where time and dollars are stretched all the time, but like technical debt, cybersecurity debt eventually catches up. The difference is in scale: a long downtime (technical debt) can be embarrassing but having all your employee or customer data put up for sale on the dark web (cybersecurity debt) can be a business ending event.

The good news is that many of the things you can do to get started are free (more here). I also want to take a special look at Multi Factor Authentication (MFA): 2023 needs to be the year that employers tell employees to just suck it up. MFA is not perfect, it does make logins a bit longer sometimes, but it makes a big difference in the end, so just do it.

The second good news is that the more advanced tools that can make a big difference are more affordable than they have ever been (more here). Our Cybersecurity 201 goes into more details on some the other things you do that really make a difference.

*** WARNING: sales pitch *** We would like to talk with you to understand how we can help you become more cyber resilient, if you are a Small or Medium Canadian Enterprise (public or private), we will even throw in a 30 min Ask Me Anything session with a Cybersecurity Expert where you can ask all your cybersecurity questions (even the ones you’ve been afraid to ask), just click here.

As always, looking forward for feedback and comments.

Image credit:

Get the Cybersecurity Risk Assessment Checklist

Subscribe and Get The Latest News

Related Posts

The first step in our process is "Assess" which aligns closely with the Five Functions of NIST. The main two reasons we start here are simple: 1: you can't protect what you don't know you have, 2:...
We were at the Western Manufacturing Technology Show two weeks ago and it was clear that many companies we were talking to had a very narrow view of cyber risks.
According to Wikipedia: Cyber resilience refers to an entity's ability to continuously deliver the intended outcome, despite cyber attacks. Resilience to cyber attacks is essential to IT systems,...