2 minutes

Cyber Essentialism & ‘Doing Less With Less’

Several years ago, I used to give a talk called “Cyber Essentialism.” It’s modeled after my favorite book, Essentialism: The Disciplined Pursuit of Less, by Greg McKeown (Currency; 2014), which tries to convey that we all need to focus on the vital few things instead of the trivial many. It’s not easy — plowing through emails feels like you’re getting more done, even though you might not actually be moving any needles. Doing lots of little quick, low-hanging “fruit” might also feel great, but is that truly having an impact? Sometimes, sure, but all too often we are all focused on the trivial many instead of the vital few — thus the need for essentialism.

With cybersecurity, essentialism is more necessary than ever. Back in 2016 when I put together my presentation, teams were understaffed, overburdened, and facing a challenging dynamic IT landscape to defend. Sound familiar? We’re still in this same situation, only now teams are being asked to scrutinize their capex and opex even more while seemingly having an even bigger surface area to defend each year. To put it in the words of the CISOs at a recent dinner — “do less with less.”

So, what are some things you can do? Read on and give yourself some forced reflection time after doing so.

Read the full article on Dark Reading.