Cyber security, importance and urgency

Are you familiar with the important—urgent matrix?  

Known as the Eisenhower matrix, it is a way of prioritising your tasks so that the important things don’t get pushed out by urgent (but less important) tasks.  

eisenhower matrix assigning tasks to one of four segments based on importance vs urgency: do, decide, delegate, drop
Eisenhower matrix

Inevitably, tasks can move between the four segments as priorities change and unexpected events happen, but as an overview: 

  • The urgent tasks, that have to be done now, cause us to work in reactive mode. 
  • The important tasks are the ones that lead towards the overall goal. 

We’re not going to discuss those tasks that are neither important nor urgent, but here’s how we can help with some of your other cyber security tasks. 

Segment 1: Important and urgent  

These are the tasks that really must be done now: crises, emergencies, deadlines and so on. 

Some senior decision-makers find that a lot of their time is spent in this segment, typically fire-fighting. This can mean insufficient time available to plan ahead. 

How can we help?  

If you have a cyber crisis, such as a data breach or a security incident, we can help you manage that. 

You may also have urgent cyber-related deadlines, such as; needing to complete supplier questionnaires, fix problems raised by audits, or pre-assessment certification checks. We can help you meet these externally imposed deadlines. 

And by working with you in segments 2 and 3, we can help secure your systems and build strong governance to reduce the likelihood of cyber crises in the future. 

Segment 2: Important but not urgent 

These are tasks involving setting goals and forward planning. These are the tasks that senior decision makers should be spending most time doing, and are those that have a long-term impact on the organisation. 

Clearly, tasks that sit in this segment could become urgent if not completed in a timely way, and this would only add to the pressure in segment 1.  

How can we help?  

We can provide a lot of value here, by supporting risk assessment, business continuity and disaster planning, assessing the security of your systems, developing policies and working towards certifications.  

This kind of preparation and planning work should reduce the risk of cyber crises, and free you up to be able to focus on your main task: running your business. 

Segment 3: Urgent but not important  

Tasks in this segment need to be done, but may not need to be done by you. These should be delegated, at least until (and if) they require a decision on your part, and move to segment 2.  

How can we help?  

It’s easy to task us with the cyber security work that is urgent, but that you don’t need to do yourself. Our Security Manager as a Service and Data Protection as a Service subscriptions would be ideal.  You can call us when you need to and roll hours over to the next month, if you don’t need us this month.  

Passing these day-to-day security tasks on to us, as and when necessary, will give you peace of mind that these tasks are being done and let you focus on the important tasks.  

Contact us to talk about how we can help.