Training

Events

Security Debt, Running with Scissors

Security Debt, Running with Scissors

Security debt, defined by Dave Lewis, Global Advisory CISO, Duo Security at Cisco, as “the accumulation of the patches missed, the risks accepted, and the configurations misapplied,” is a serious and common problem for many organizations, especially with the move to cloud computing and rise of IoT. Part of the problem is that, while organizations might accept the risks they encounter, they often neglect to review them or make a plan for the future, and that risk is compounded when patches are passed from person-to-person through staff changes and/or employee churn. However, it doesn’t have to be this way - to track and address security debt, organizations must develop and implement defined, repeatable processes. They should look to strategies like the zero-trust model, trust but verify, sanitation of inputs and outputs, and of course, make sure to execute patches instead of pushing it onto the next person.

See Also: Live Webinar | The Role of Passwords in the Hybrid Workforce

Webinar Registration

Premium Members Only

OnDemand access to this webinar is restricted to Premium Members.

Join Now to Access
Have an account? Sign in.


Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.