The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest
There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization
Adoption of new technologies can alter an organisation’s attack surface, requiring security controls, testing, and risk management to change.
Search across headline titles and summaries.
Background for this topic.
Adoption is the extent to which people and organizations begin using a security technology, control, policy, or practice and incorporate it into routine work. In cybersecurity, adoption is more than purchasing or deploying a capability: it includes correct configuration, user participation, and continued use. Examples include enabling multifactor authentication, applying security patches, using secure coding practices, and collecting logs from systems that require monitoring.
Adoption matters because uneven or incomplete use leaves exploitable gaps. A partially deployed authentication control may protect some accounts while others remain exposed; delayed patch adoption can leave known vulnerabilities available to attackers; and missing or poorly configured logging can limit detection and investigation. Practitioners therefore assess coverage, exceptions, configuration quality, and whether controls operate as intended. Training, usable workflows, staged rollout, and measured policy compliance can improve adoption without encouraging insecure workarounds or unnecessary collection of personal data.
There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization