What is The Impact of Doing Nothing?

During my professional journey as a project manager, I developed several business cases for approval. Most were approved. Some weren’t. Most organisations expected 3 business recommendations, often along with a mandatory 4th one – ‘Do Nothing’ with a deep consequential analysis. As in, what would be the impact if we were not to act as a business.

Today, I lead a cybersecurity professional services firm. When I reflect on that 4th recommendation (Do Nothing) in my current professional practice, I am perplexed at how can ‘Do nothing’ even surface as an option.

To organisations who are considering doing nothing on cyber security matters, I encourage them to reflect on writing a business case. Jot down 5 things that come to your mind as to the consequences of doing nothing.

Here are a few from me:

  1. Loss of data,
  2. Ransomware,
  3. Malware,
  4. Access to email and confidential data,
  5. Loss of customer trust

What are a few of yours?

Let’s reflect. Let’s share our thoughts as we build a culture of ‘cyber security by design’.

And if you are ready to proactively take charge of your cybersecurity,  talk to a consultant!

Similar posts

Get notified for new cybersecurity insights

Subscribe for a weekly round-up of the latest in cybersecurity - from knowing the potential threats, to best practices, to insights on how to manage, evolve and strengthen your cybersecurity posture - we'll share it all.