The 10 Worst Cybersecurity Strategies

The 10 Worst Cybersecurity Strategies

The 10 Worst Cybersecurity Strategies

Counting down to the absolutely worst cybersecurity strategies. 

Sadly, these are all prevalent in the industry. Many organizations have failed spectacularly simply because they chose to follow a long-term path that leads to disaster. You know who you are…

Let’s count them down.  

10. Cyber-Insurance

No need for security, just get insurance. Transferring risk is better than mitigating it!

Famous Last Words: Sure, it should be covered

9. Audit Confidence

Conducing a comprehensive security audit. ...and ignoring the results

Famous Last Words: We will close those gaps later...

8. Best Tools, Left Unmanaged

Deploying several good tools, set to autopilot. No need to manage or maintain anything 

Famous Last Words: Security is not that difficult...

7. Regulatory Compliance

Meeting the minimum requirements (defined 2 years ago)

Famous Last Words: Relax, we are compliant!

6. One Good Tool

We just need one good tool (ex. AV) and we are set. 

Famous Last Words: That should do it.

5. IT Dependence  

Cybersecurity is a tech problem, its IT’s responsibility. 

Famous Last Words: The IT dept has it covered.

4. Security by Marketing  

Believing the snake-oil (deceptive marketing) salesperson that will 'solve' your security problems

Famous Last Words: We are totally protected now! (or similar derivative from the sales brochure)

3. Default Security Settings  

Products and services come with security built in! 

Famous Last Words: It’s new, shiny, and looks secure. Don’t worry, we should be fine!

2. Security by Obscurity

Nobody knows or cares about us. We are too small to be targeted.

Famous Last Words: We haven't been attacked yet...

1. Hope, as a Strategy

I hope we don’t get attacked. Let’s move on with more important things.

Famous Last Words: <meek inner voice>> Just don’t think about security because it is too scary, expensive, and complex!

 

This is the menu that evokes anger, frustration, and pity among cybersecurity professionals around the globe. Eventually it always ends in despair, blame, and a side of tears.

A solid long-term strategic plan is a necessity for an efficient and capable cybersecurity capability. Cybersecurity fails without a proper strategy. 

 

 

Interested in more? Follow me on LinkedInMedium, and Twitter (@Matt_Rosenquist) to hear insights, rants, and what is going on in cybersecurity.

Share this article

Leave your comments

Post comment as a guest

0
terms and condition.
  • Scott Jacklin

    There is also another one: We are too big to fail, our social media team is smart. Hackers can attack even verified accounts.

  • Andy Webb

    Never underestimate cyber criminals.

  • Sarah Richards

    2020 taught me to trust no one when it comes to attachments....

  • Matt Chamberlain

    Spot on Matthew

  • David Booth

    If you don't have a clear long term strategy, just turn off every single computer.

  • Paul Thompson

    Lovely rant !!

  • Sam Killick

    Bring the popcorn, this isn't over yet. You will be amazed how many companies were scammed this year.

Share this article

Matthew Rosenquist 

Cybersecurity Expert

Matthew Rosenquist is an industry-recognized pragmatic, passionate, and innovative strategic security expert with 28 years of experience. He thrives in challenging cybersecurity environments and in the face of ever shifting threats. A leader in identifying opportunities, driving industry change, and building mature security organizations, Matthew delivers capabilities for sustainable security postures. He has experience in protecting billions of dollars of corporate assets, consulting across industry verticals, understanding current and emerging risks, communicating opportunities, forging internal cooperation and executive buy-in, and developing practical strategies. Matthew is a trusted advisor, security expert, and evangelist for academia, businesses, and governments around the world. A public advocate for best-practices, and communicating the risks and opportunities emerging in cybersecurity. He delivers engaging keynotes, speeches, interviews, and consulting sessions at conferences and to audiences around the globe. He has attracted a large social following of security peers, is an active member on advisory boards, and quoted in news, magazines, and books. Matthew is a recognized industry expert, speaker, and leader who enjoys the pursuit of achieving optimal cybersecurity. Matthew Rosenquist is experienced in building world class teams and capabilities, managing security operations, evangelizing best-practices to the market, developing security products, and improving corporate security services. 

   

Latest Articles

View all
  • Science
  • Technology
  • Companies
  • Environment
  • Global Economy
  • Finance
  • Politics
  • Society