Latest news with #technicaldebt
Forbes
4 days ago
- Business
- Forbes
How To Tackle Tech Debt Without Slowing Innovation
Technical debt is a hidden weight that can quietly undermine the long-term stability of both products and platforms. Yet addressing it often feels at odds with the pressure to keep building and releasing. Experienced tech leaders know it's possible to both strengthen foundations and deliver new capabilities—it just takes careful resource management. Below, members of Forbes Technology Council share practical strategies they've used or observed to reduce technical debt without slowing development. From disciplined processes to small, consistent improvements, these approaches show how thoughtful planning can support innovation and sustainability across systems. 1. Plan For Debt As You Would For Features One strategy that works: Plan for tech debt as you plan for features. We assign small, intentional cleanup tasks alongside major work so it's not an afterthought. This way, quality improves steadily and the team never has to pause progress just to 'fix things later.' It keeps velocity up and the codebase up to the mark. - Nidhi Jain, 2. Make Small Improvements During Feature Work Implement a 'boy scout rule' under which developers are encouraged to make small improvements to existing code during feature work. This maintains development momentum while gradually improving code quality, and developers are more motivated to clean up code they're already actively working with. - Kevin Cushnie, MC Systems Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify? 3. Analyze User Engagement To Pinpoint Friction Proactively analyze user engagement metrics to pinpoint friction points where users spend excessive time. Prioritize these areas for targeted debt reduction, aligning technical improvements closely with meaningful user experience enhancements. This strategic approach ensures teams efficiently address critical technical debt, boosting productivity and product value without slowing down development. - Antara Dave, Microsoft Corporation 4. Bring In Someone From A Different Team If your team wants to maintain velocity, consider adding someone from another team to the mix. They can bring fresh eyes and, potentially, newer architectures or development practices to your group. A senior engineer can usually spot opportunities for improvement pretty quickly, and even the act of explaining the code to a new team member can make areas for improvement obvious. - Luke Wallace, Bottle Rocket 5. Hand Over Tasks When Someone Takes Vacation Pre-vacation handovers are an excellent opportunity to reduce tech debt. Planning and carrying out handovers before we take a holiday are crucial to maintaining smooth IT operations. Giving your employees the choice to hand tasks over to automation or a human colleague can help reduce tech debt and automate tasks. Critically, it utilizes time already allocated for addressing this work. - Kevin Korte, Univention 6. Implement A 'Fix Forward' Approach A 'fix forward' approach helps ensure the absence of critical technical debt in a product or platform. Additionally, holding regular hackathons outside the standard release schedule incentivizes extra participation among developers and offers learning opportunities for individuals not directly involved in specific modules or features, thereby promoting collaboration. - Satyabrat Chowdhury, CORESTACK Inc. 7. Make Sure The Product And Engineering Teams Are Aligned Resolving technical debt is development. The Shangri-la of 'no tech debt' does not survive contact with reality. It's a balance of doing what's right for the business. Making sure the product and engineering teams are on the same page is critical. You should have sprints where tech debt is the focus. - Patrick Emmons, DragonSpears, Inc. 8. Start Every Build With An Assessment The best approach is to embed assessments early. Before jumping into builds, take time to evaluate: What do we remove, migrate or rebuild? Most failures stem from skipping this upfront evaluation, not from the execution itself. That prework keeps the team from dragging legacy systems forward and saves you from cleaning up later. - Benjamin Niaulin, ShareGate by Workleap 9. Have A Plan To Avoid Tech Debt Altogether Tech debt needs to be avoided at all costs. Everything needs to be planned, mapped and strategized without having an option for accumulating tech debt. It's harder to get rid of a 'patch job' than it is to take the time to build a solid solution. - Sabrin Freedman-Alexander, Cloudvoid 10. Tackle Tech Debt As Part Of Each Sprint Dedicate 10% to 20% of each sprint to technical debt. This ensures debt reduction is ongoing without disrupting feature delivery, balances priorities in the backlog, and prevents long-term buildup. It fosters a culture of quality and ownership while maintaining development speed and ensuring healthier, more sustainable code over time. - Dileep Rai, Hachette Book Group 11. Thoroughly Vet New Tools Before Adding Them One strategy that works is to evaluate new tools, especially AI, with a disciplined lens before adding them. Too many teams chase AI without asking if it supports their mission or just adds complexity. To avoid tech debt, focus on three things: integration, consolidation and whether your team is ready to support it long-term. - Todd Fisher, CallTrackingMetrics 12. Get Executive Buy-In And Investment Tech debt cannot be a 'taboo subject' hidden from view—you'll never make progress. One strategy that is a must-do is to get the executive team's buy-in (go to the board if necessary) so that proper investment and resources can be allocated to tech debt reduction. The dev team needs to explain the risks associated with ignoring it—the execs will listen closely and support. - Bruce Kornfeld, StorMagic 13. Leverage 'Context-Driven Debt Fixing' Implement 'context-driven debt fixing'—when developers get stuck debugging legacy code during feature work, they must refactor that specific problem area before continuing. Why this is effective: Frustration becomes the trigger for improvement. Devs naturally want to fix what's blocking them, so the refactoring feels productive rather than like overhead. Compound improvements happen organically. - Stoyan Mitov, Dreamix 14. Adopt A 'Progressive Refactoring' Mindset One strategy I've seen successfully employed is adopting a 'progressive refactoring' mindset within Agile sprints that is driven by clear ownership and measurable impact. Developers become responsible not just for delivery, but also for code quality and future maintainability in their area. - Diganta Sengupta, Oracle Corp. 15. Focus On Strategic Goals And Flexibility When Selecting Solutions There are two important things, really—a focus on bigger, strategic goals when selecting tools and solutions and an emphasis on flexibility and customization. Most software tools only get teams and organizations 80% of the way to a solution, but it's that 20% that can be the difference between success and failure when choosing to add to your tech stack. Embrace flexible tools that are easy to build and scale. - Ed Jennings, Quickbase 16. Take Advantage Of The Overlap Between Releases And/Or 'Clean As You Go' I employ two strategies: Use the overlap between releases for focused debt reduction, ensuring smooth production while clearing debt before new work begins. Alternatively, dedicate 20% of each sprint (that is, one dedicated developer) to addressing technical debt concurrently with new feature development. This 'clean as you go' approach prevents tech debt accumulation and keeps the codebase healthy. - Uttam Kumar, American Eagle Outfitters 17. Bundle Debt Work With Related Feature Work One effective strategy I've used to reduce technical debt without slowing development is to bundle debt work with related feature work. If you're touching the code anyway, pay down nearby debt while you're in there. It's like fixing that leaky pipe while you renovate the kitchen—not six months later when it floods your basement. - Andrew Siemer, Inventive 18. Make Tech Debt Reduction Part Of Digital Transformation Technical debt reduction should be defined as a part of any transformation. There is a cost associated with sunsetting applications, but there is a benefit as well. - Bhushan Parikh, Get Digital Velocity, LLC 19. Embed Identity Governance Into The Software Development Lifecycle One effective strategy is embedding identity governance into the SDLC using digital twins to simulate access policies before deployment. This prevents access sprawl and identity debt (both forms of technical debt) without slowing delivery. It's a lightweight, proactive approach that keeps security aligned with speed. - Peter Hill, Gathid 20. Configure 'Debt Heatmaps' Use 'debt heatmaps' to identify pain points, then apply a sprint 'debt tax' to clean up the worst offenders during normal dev cycles. It's strategic and continuous and keeps the team shipping without backlog bloat. - Mark Mahle, NetActuate, Inc.
Forbes
05-06-2025
- Business
- Forbes
What Cybersecurity Teams Can Learn From Product Management
Dan DeCloss is the founder and CTO of PlexTrac and has over 20 years of experience in cybersecurity. What does it take to be a successful entrepreneur? The most obvious answers are passion, determination and a clear vision. But humility and a willingness to listen and accept feedback are just as—if not more—important. In fact, many successful entrepreneurs will tell you that there's nothing more important than customer feedback. Getting a continuous flow of feedback is a great scenario; however, it presents a big challenge: What do you prioritize first? This is the exact question that product teams ask every day. Just as entrepreneurs look to make the biggest impact on their product in the shortest amount of time, product teams want to maximize efforts. The challenge is determining what is actually going to move the needle while also taking into account which customer requests must be addressed first, which bugs and defects are make-or-break and what new features will outweigh the cost of technical debt. Other teams, like cybersecurity, can also learn a lot from product teams. Prioritization challenges are common among product teams, which is why they've developed mature processes and frameworks to manage them effectively. If you take these same challenges and apply them to cybersecurity teams, the similarities are striking. Both disciplines ultimately share the same mission: to enable the business to succeed and serve its customers. This alignment means both product and cybersecurity teams must base their plans and priorities on how best to support business goals. While cybersecurity program management is still maturing, product management (PM) offers a well-established playbook to learn from. By drawing these parallels, security teams can uncover valuable insights and adopt proven practices to advance and streamline their own operations. Let's dive into some of the challenges in cybersecurity and identify ways that product management is solving them. Cybersecurity teams are always responding to alerts, leaving them in a constant state of reaction. This can lead to a common sense of 'alert fatigue' and burnout. Security teams also tend to get inundated with vulnerabilities and findings from proactive scans and assessments. This problem has a direct correlation to the prioritization challenges within product management. Product management teams manage this with a systematic approach, using sprints, capacity planning and backlog grooming to plan for work. Each sprint is loaded with work for the team and a dedicated buffer to allow for any unplanned work, such as critical bugs, etc. Security teams can make great strides in their journey to accomplish more work and move to a proactive state by following similar principles. If a security team operates in a sprint model, they can load planned work while leaving room for unplanned work. This feeds directly into the prioritization discussion. Establishing a clear process around planning work is the foundation for meaningful prioritization discussions. In cybersecurity, this is especially vital as teams are inundated with all kinds of vulnerabilities, compliance items, alerts, etc. By taking a page from the PM playbook, security teams can build a roadmap of initiatives based on their priority. One effective method is scoring each initiative based on its relative importance and impact on the business. Applying this framework helps security teams assess risk and prioritize efforts in the context of broader business goals. Of course, prioritization becomes challenging when urgent injections or alerts arise. That's where a defined escalation process—similar to an incident response plan—becomes essential, enabling teams to handle interruptions in a structured and consistent manner. Once you have defined your roadmap and established your work cadences, you're fully operational. But are you successful? This is where metrics come into play. PM teams measure how long it takes to get a feature or product to market as well as the adoption rate of the features. They also measure the allocation of time within each sprint. Security teams should adopt a similar mindset, dedicating 60% of sprint time to proactive security measures and 40% to reactive tasks. Additional metrics should be used to track mean time to resolution, meant time to detection and risk reduction over time. There are many other metrics to consider, but the goal is to ensure you're able to show progress in achieving KPIs and reducing risk exposure. Prioritization remains one of the toughest challenges for nearly everyone, from entrepreneurs sifting through customer feedback to cybersecurity leaders triaging vulnerabilities, alerts, compliance requirements and managing risks. Product teams have spent years refining their approaches to prioritization—turning feedback overload into focused roadmaps and aligning work with business goals. It's time for cybersecurity to steal from that playbook. By borrowing the frameworks, mindset and strategic discipline of product management, security teams can navigate complexity with greater clarity, build more impactful programs and, ultimately, drive better outcomes for the business. The blueprint already exists—are you bold enough to use it? Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
