Hi everyone,
I wanted to just share a few thoughts I’ve had recently with the trend of cyber attack stories, and how much we all practice what we preach.
When these cyber attacks happen, we tend to shame the victim, talk about technical debt, not doing what is necessary etc. But I want to ask you honestly, how much do you practice what you preach?
I believe we all have our own personal tech debt too in various shapes and forms. These days most people are using password managers, but as password complexity requirements increased, did you go and replace all of your passwords with stronger ones? When MFA became available for XYZ website, did you notice and remediate?
I’d argue we’re all guilty of being super secure for anything new that comes through, and adopting our best practices going forwards, but have you ever made an effort to clean up all of your historical accounts, sites you don’t use anymore?

I’ll put my hands up here and say, I did a review of my accounts and had no fewer than 26 instances where I had what would be considered a security risk, either a weak password, a reused password, or didn’t have MFA/2FA enabled where I could’ve.
It honestly didn’t take too long to remediate, but that’s 26 possible identity breaches that have just become a lot harder for the malicious actors.
Remember, they only need to succeed once to do some damage; we have to succeed every time to fend them off. Don’t be complacent 😊
I invite you all to spend this cybersecurity awareness month to reflect inwards in your personal ‘cyber lives’, take the time to tackle your own personal ‘tech debt’, and then adopt this attitude to your organisation moving forward 🙂

And that is the final point I want to make today. Remediation is great, but the tech debt will only build again if you don’t adopt a behavioural change to address these issues as they come up continuously.