Intro
The ISSA hosted a webinar in mid-2021 about cybersecurity asset management trends. Driving the topic was the pandemic’s impact on cyber priorities (e.g., challenges with remote/hybrid workforce), but it became clear that while the pandemic forced arguably all organizations to address nearly without notice complex problems overnight, comparing pre-2020 to 2020-present shows significant differences of both degree and kind. For example, nearly 75% of ISSA survey respondents reported increased complexity with remote work in the lead.

Our Observations
2020 forced (and in many cases the pandemic continues forcing) organizations to accumulate complexity as they navigated rough, uncharted seas, and obviously there is no manual or one-size-fits-all search result for “how do we maintain continuity and send our staff home?”. Some organizations faced a lesser challenge either because remote was already in place or their business continuity planning accounted for “office failover”. Regardless, we argue this was not seamless for anyone–just degrees of difficulty. K-12 schools, in our experience, faced (and some still face) tremendous difficulty.

“Complexity Debt”
In the US at least, much has reopened (fingers crossed), but employees capable of working “anywhere” will likely not return in full capacity to their pre-2020 locations. Ever. That may leave organizations, especially those who deployed remote staff in a “trial by fire” mode, with what software engineering terms technical debt. Technical debt is rarely paid down–let alone paid off–and is overshadowed by competing priorities. But in this article’s context we use the term complexity debt–the accumulation of potentially many more “moving parts” and associated risk, and risk generally higher for teams that faced greater challenges adhering to mandates with practically no runway.

Complexity’s Balance Sheet
Unlike technical debt, which refers to years if not a decade or more of accumulation, organizations may be in a position to assess their 2020 complexity debt with an eye toward reducing unnecessary complexity drawing time and money from other matters. For example, to what extent do the risks of information loss, malware (namely ransomware whose foray into household/remote work endpoints is alarmingly increasing), and other liabilities increase when an organization’s walls and network are now not as finite?

Paying Down the Debt
Sector 7G assisted organizations with limited resources weather the storm beginning in March 2020. We focused on speed, maintaining (and, in some cases, reducing) risk levels, and, of course, simplicity for teams to manage themselves.

Since “remote”, “flex”, “hybrid”, or however we’d like to characterize today’s workforce is not in a period of reversion but rather refinement, contact us since we know what works, what to avoid, and how to pay down complexity debt.