EN, Search Security Resources and Information from TechTarget

How CISOs can get out of security debt and why it matters

<p>Security debt happens when organizations allow cybersecurity weaknesses and vulnerabilities to linger and accumulate, putting them at significant, ongoing risk of compromise. At worst, security debt could set the stage for a devastating data breach. Enterprises that manage and minimize security debt have significantly stronger security postures.</p>
<section class=”section main-article-chapter” data-menu-title=”Security debt vs. technical debt: What’s the difference?”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>Security debt vs. technical debt: What’s the difference?</h2>
<p><a href=”https://www.techtarget.com/whatis/definition/technical-debt”>Technical debt</a> refers to the implied cost of future work resulting from shortcuts taken during software development and testing. These shortcuts often prioritize speed or immediate goals over quality and long-term maintainability.</p>
<p>A subset of technical debt, security debt refers to the accumulation of unaddressed security vulnerabilities and risks that stem from deferred updates, ignored best practices, poor visibility, poor communication and rushed implementations. Security debt can also accrue in the development stage when developers disregard security best practices during coding.</p>
<h3>Types of technical debt</h3>
<p>Types of technical debt include the following:</p>
<ul class=”default-list”>
<li>Suboptimal code — e.g., code-level debt.</li>
<li>Complex or inefficient system architectures — e.g., architectural debt.</li>
<li>Insufficient testing or inadequate documentation — e.g., process-level debt.</li>
<li>Outdated or low-quality data models — e.g., data-level debt.</li>
<li><a href=”https://www.techtarget.com/searchcio/feature/6-reasons-legacy-systems-are-still-in-use”>Legacy systems</a> that are difficult to maintain — e.g., legacy-level debt.</li>
</ul>
<p>Consequences of technical debt include increased maintenance costs, reduced performance and adaptability, and growing inefficiencies and risks over time.</p>
<h3>Types of security debt</h3>
<p>The types of cybersecurity debt that can accrue include the following:</p>
<ul class=”default-list”>
<li><a href=”https://www.techtarget.com/searchsecurity/tip/5

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from Search Security Resources and Information from TechTarget

Read the original article: