Proposed solution
Solutions for handling Cyber security issues, can be divided in to three major solutions:
Avoid.
If the risk outweighs the benefits, discontinuing an may be the best course of action if it means no longer being exposed to it.
If you are no longer using the system, the system does not have to be secured as it can be removed. Ways of finding out if a system is being used is to analyze the usage by Microsoft Defender for Identity. If the system is not being used by any (or few users) it can be decommissioned
It is also possible to use the Microsoft Defender for Endpoint to analyze and see what is used actively and find out if the solution is being active.
Or in worst case use the SCREAM method: https://lnkd.in/ecUv-9gs
What’s the Scream Test? Well, in the Microsoft case it was a multistep process:
Transfer.
Share a portion of the risk with other parties through cyber insurance or outsourcing certain operations to third parties.
Recommended by LinkedIn
This might include move things to the cloud an example might be Azure SQL Azure SQL | Microsoft Azure ,which includes: multi-layered protection with built-in security controls including network security, encryption, and access and key management and physical security.
Mitigate.
Deploy security controls and other measures to reduce the Likelihood and/or Impact and therefore the risk level.
This can include either on-prem security controls or cloud based controls. An overview of the controls that are present in Azure can be found here: Overview of the Azure Security Benchmark v3 | Microsoft Docs
Backlink
Forwardlink
Interesting thoughts Niklas. With rapidly changing landscape and gaps in skills to even make a decision to "Transfer" or "Mitigate". You have any thoughts on what probabilities that "Ignore" will also increase as a result?