We are all familiar with the concept of technical debt (more here), but I think it is time that we start talking specifically about cybersecurity debt.
The quick version: all these little things you are not doing pile up together and transform into a dumpster fire. This is specifically harder for Small and Medium Enterprises where time and dollars are stretched all the time, but like technical debt, cybersecurity debt eventually catches up. The difference is in scale: a long downtime (technical debt) can be embarrassing, but having all your employee or customer data put up for sale on the dark web (cybersecurity debt) can be a business-ending event.
The good news is that many of the things you can do to get started are free (more here). I also want to take a special look at Multi Factor Authentication (MFA): 2023 needs to be the year that employers tell employees to just suck it up. MFA is not perfect, it does make logins a bit longer sometimes, but it makes a big difference in the end, so just do it.
The second good news is that the more advanced tools that can make a big difference are more affordable than they have ever been (more here). Our Cybersecurity 201 goes into more details on some the other things you do that really make a difference.
*** WARNING: sales pitch *** We would like to talk with you to understand how we can help you become more cyber resilient, if you are a Small or Medium Canadian Enterprise (public or private), we will even throw in a 30 min Ask Me Anything session with a Cybersecurity Expert where you can ask all your cybersecurity questions (even the ones you’ve been afraid to ask), just click here.
As always, looking forward for feedback and comments.
Image credit: https://www.amazon.ca/100-Soft-Dumpster-Vinyl-Figure/dp/B09FFRCM49/