Discussion about this post

User's avatar
Bartosz Kowalski's avatar

I don't have nearly as much experience in the industry as you do. But there's what I've learned so far: It doesn't matter if the customer doesn't want to protect himself because he's skittish or simply unaware of the risks. Often an argument along the lines of “Be lazy - do it now, you'll have less to do.” works. Focus on the low-hanging fruit. Think of it like tackling the most visible weeds first. Basic, fundamental cybersecurity practices offer the biggest bang for your buck.

Expand full comment
Ron AARON's avatar

Indeed. My approach with my clients has always been "build-in security from the start". Sometimes clients are willing, sometimes (more often) they're cheap or misinformed as to the risks. I do try, though...

Expand full comment
2 more comments...

No posts