Cybersecurity’s Unanticipated Benefits

Longtime readers of this newsletter may assume that the only professionals I ever call to my house for assistance are plumbers. That’s understandable, I’ve written before about my plumbing challenges here and here.

But it’s not just plumbers I bring in. When it comes to electricity, I know better than to take my chances – I hire a professional.

Such was the case last month when I decided to up my Wi-Fi game and transition our house from a consumer set up to something more along the lines of what a small business might run in their office. I had a few reasons: I wanted more control over security; I wanted to segment the network for different people and purposes; I wanted to discourage (okay, prevent) my kids from going certain places and doing certain things.

So I called Jeff, our friendly electrician, and asked him to come over and pull some Ethernet cables around the house – behind the walls and out of sight. He did a great job and, as long as Jeff was already there, I asked him to do a few other things…

He added three new outlets in our bedroom (including a USB outlet), making it easier to keep our various devices charged.

He ran a wire behind the wall where our basement television lives and connected it to the Roku.

He added an outlet in the basement behind our dehumidifier, eliminating the extension cord and associated tripping hazard that had been there since we moved in.

Each of these additional, unplanned things brought with them benefits, whether in the form of added convenience, improved appearance, or safety. And yet, none of these improvements were big enough, in and of themselves, to have warranted bringing in an electrician.

The fact is, were it not for my need to have some Ethernet cables pulled, I would never have realized any of these other things.

When You Improve Your Security, Other Things Improve Too 

When it comes to security enhancements, most people expect a corresponding loss in convenience. Multifactor Authentication (MFA), unique and complicated passwords, door entry badges … these things and others like them may elevate security (they do), but they add a degree of overhead as a result.

But, as with my visit from Jeff the electrician, there are benefits, many of which are likewise unanticipated. Some examples…

Internal audits. These may uncover users in the system who should no longer be there, whether past employees, contractors, or something else. Not only does removing these accounts prevent past users from gaining access, eliminating users can result in reduced license fees.

Code reviews. In addition to the primary purpose of identifying security vulnerabilities, code reviews often improve functional problems, such as a web form that is difficult or unintuitive to complete by legitimate users. 

Vendor reviews. When reviewing vendor performance, you may find they are doing an excellent job at security. But you may also realize that you have two vendors providing overlapping services to different departments and would benefit by consolidating functions and letting one go. What begins as a cybersecurity project turns into a cost-saving and streamlining exercise.

Cybersecurity Touches Everything

One of the often overlooked and underappreciated benefits of a cybersecurity focus within an organization is that because cybersecurity is by nature an “in the weeds” discipline, attention paid in this area invariably uncovers other, unrelated benefits.

And while many of these benefits may be small on an individual basis and generally unexpected, they add up to across the board improvements and enhancements to your business.

(Side note to Jeff the electrician: I forgot to ask you to install a dimmer in the basement. No worries, we’ll get it done the next time we have you over for something more significant!)

Want to get great cybersecurity content delivered to your inbox? Click here to sign up for our monthly newsletter, Tales from the Click.

This article originally appeared on the Fractional CISO blog.