Technical Debt: Dave Ramsey, where are you?

Kevin Johnson
Dec 22, 2005
It is interesting how an idea pops up in your daily life. I was reading through the torrent of email that is the FD mailing list and the phrase “Technical Debt” was mentioned. It started me thinking about security and how companies treat it when they develop their systems and infrastructure. I then thought that we all need a little Dave Ramsey in our SOCs.
 

So now the question becomes, how do we measure our “security debt” when performing an audit? Because we really need to realize that our debt will be paid by our partners and our customers. It is commonly skipped over that the penalty for not securing our systems, sadly, is never paid by the people who chose not to secure the systems.

Similar posts

encryption

Why Target's Breach Included PIN Data

Last Friday Target issued an update acknowledging that encrypted PIN data were included in the data stolen in their recent breach. This quickly...

Nathan Sweaney Dec 31, 2013

Red Teaming - Not What You May Have Thought

Lately, I’ve been doing a lot of reading on some less technical topics and I ran across “Red Team: How to Succeed By Thinking Like the Enemy”...

Jason Wood Jan 27, 2016

Compliance is not Security

Many folks get confused about the difference between security and compliance. Many, especially those less technically inclined, assume that...

Nathan Sweaney Nov 29, 2018