­
The 10 Worst Cybersecurity Strategies - All Articles - CISO Platform

All Articles

The 10 Worst Cybersecurity Strategies

Posted by Matthew Rosenquist on July 16, 2020 at 8:29am

8669837854?profile=original

Counting down to the absolutely worst cybersecurity strategies. Sadly, these are all prevalent in the industry. Many organizations have failed spectacularly simply because they chose to follow a long-term path that leads to disaster. You know who you are…

Let’s count them down.  

10. Cyber-Insurance

No need for security, just get insurance. Transferring risk is better than mitigating it!

Famous Last Words: Sure, it should be covered

9. Audit Confidence

Conducing a comprehensive security audit. ...and ignoring the results

Famous Last Words: We will close those gaps later...

8. Best Tools, Left Unmanaged

Deploying several good tools, set to autopilot. No need to manage or maintain anything 

Famous Last Words: Security is not that difficult...

7. Regulatory Compliance

Meeting the minimum requirements (defined 2 years ago)

Famous Last Words: Relax, we are compliant!

6. One Good Tool

We just need one good tool (ex. AV) and we are set. 

Famous Last Words: That should do it.

5. IT Dependence  

Cybersecurity is a tech problem, its IT’s responsibility. 

Famous Last Words: The IT dept has it covered.

4. Security by Marketing  

Believing the snake-oil (deceptive marketing) salesperson that will 'solve' your security problems

Famous Last Words: We are totally protected now! (or similar derivative from the sales brochure)

3. Default Security Settings  

Products and services come with security built in! 

Famous Last Words: It’s new, shiny, and looks secure. Don’t worry, we should be fine!

2. Security by Obscurity

Nobody knows or cares about us. We are too small to be targeted.

Famous Last Words: We haven't been attacked yet...

1. Hope, as a Strategy

I hope we don’t get attacked. Let’s move on with more important things.

Famous Last Words: <meek inner voice>> Just don’t think about security because it is too scary, expensive, and complex!

This is the menu that evokes anger, frustration, and pity among cybersecurity professionals around the globe. Eventually it always ends in despair, blame, and a side of tears.

A solid long-term strategic plan is a necessity for an efficient and capable cybersecurity capability. Cybersecurity fails without a proper strategy. 

Interested in more? Follow me on LinkedInMedium, and Twitter (@Matt_Rosenquist) to hear insights, rants, and what is going on in cybersecurity.

Views: 547
Tags: ciso, cybersecurity, infosec, risk, security, strategy
Votes: 0
E-mail me when people leave their comments –
Follow
Posted by Matthew Rosenquist

CISO and Cybersecurity Strategist

You need to be a member of CISO Platform to add comments!

Join CISO Platform

Join The Community Discussion

Read More

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)
 

 

 

CISO Platform Talks : Security FireSide Chat With A Top CISO or equivalent (Monthly)

Jun 1, 2025 at 3:00am to Dec 31, 2025 at 3:00am UTC+5.5
Virtual
  • Description:

    CISO Platform Talks: Security Fireside Chat With a Top CISO

    Join us for the CISOPlatform Fireside Chat, a power-packed 30-minute virtual conversation where we bring together some of the brightest minds in cybersecurity to share strategic insights, real-world experiences, and emerging trends. This exclusive monthly session is designed for senior cybersecurity leaders looking to stay ahead in an ever-evolving landscape.

    We’ve had the privilege of…

  • Created by: Biswajit Banerjee
  • Tags: ciso, fireside chat

CISO MeetUp: Executive Cocktail Reception @ Black Hat USA , Las Vegas 2025

Aug 4, 2025 from 6:00pm to 10:30pm PDT
Topgolf Las Vegas
  • Description:

    We are excited to invite you to the CISO MeetUp: Executive Cocktail Reception if you are there at the Black Hat Conference USA, Las Vegas 2025. This event is organized by EC-Council & FireCompass with CISOPlatform as proud community partner. 

    This evening is designed for Director-level and above cybersecurity professionals to connect, collaborate, and unwind in a relaxed setting. Enjoy…

  • Created by: Biswajit Banerjee
  • Tags: black hat 2025, ciso meetup, cocktail reception, usa events, cybersecurity events, ciso

6 City Playbook Round Table Series (Delhi, Mumbai, Bangalore, Pune, Chennai, Kolkata)

Sep 1, 2025 at 5:00pm to Oct 31, 2025 at 8:00pm UTC+5.5
India
  • Description:

    Join us for an exclusive 6-city roundtable series across Delhi, Mumbai, Bangalore, Pune, Chennai, and Kolkata. Curated for top cybersecurity leaders, this series will spotlight proven strategies, real-world insights, and impactful playbooks from the industry’s best.

    Network with peers, exchange ideas, and contribute to shaping the Top 100 Security Playbooks of the year.

    Date : Sept 2025 - Oct 2025

    Venue: Delhi, Mumbai, Bangalore, Pune,…

  • Created by: Biswajit Banerjee

National Insider Risk Symposium, Washington DC, USA 2025

Sep 17, 2025 to Sep 18, 2025
Washington DC, USA
  • Description:

    We are excited to invite you to the 10th National Insider Risk Symposium, a premier forum bringing together leaders and experts from both the commercial and public sectors to address the evolving landscape of insider threats. CISOPlatform is a proud community partner for this event. 

    Event Details:
    Venue: National Housing Center, 1201 15th St NW, Washington, D.C. 20005
    Dates: September 17–18,…

  • Created by: Biswajit Banerjee
  • Tags: national insider risk symposium, ciso, cybersecurity events, usa events