29 Jul 2015, 16:10 — 6 min read
As a startup you are very busy with a million things - VC pitches, perfecting your product, getting your team together, firing up your passion, catching up on sleep, coping with butterflies in the stomach and so much more. Life is on a roll and there is no time for anything but to get the product out in the market and to bring the money home.
And in the middle of all this, I come along telling you that you need to secure your information assets! And of course you don't have the time for this silly housekeeping activity which is not going to bring any revenue home. So you just brush it off saying you will do this later and that (a) you have anti-virus and some firewall in place, (b) you are just starting out and are too small to be of interest to any cyber-criminal.
Well you just made two or three very clichéd excuses for bad luck to come your way!
Reason # 1
No one is too small or too big for a cyber-criminal. You have a computer and you are connected to the internet and the machine has some weaknesses -- that's enough. The crook may not get your bank password, or the data on the machine may be gibberish, but then it can be used as a bot and contribute it's small or big processing power to a criminal network!
Let us take another scenario - you are too small so you have only one machine and this crook encrypts your data and asks you for $1000 - what will you do? Pay up or leave the machine in an unusable condition... and then start writing your dream programme all over again... only to be hit again!
Yes you can be hit multiple times. The most famous company to get hit multiple times is Sony; and mind you these were big hacks.
Another scenario - you are also using your lone machine for netbanking. Boom, when this guy compromised your machine he got his hands on your netbanking credentials, your address book and all the emails and documents in the machine - oh and those personal pictures too!
Let's talk business since your life is all about the startup -- you are driving to get your brilliant idea off the ground and will make you the next Mark Zuckerberg.
Practice safe computing, take care of hygiene issues and you will take care of more than half the risk you are living with. A few things you should do...
Of course you will need hi-tech stuff like SIEM, DLP, IRM, UTM and all those new-fangled techno solutions because they will all contribute to give you a good night's sleep. They may not really be able to stand up to a determined attack, but that too is another story.
Finally, if you are reading this and you are not a startup, you still need all this in place and more. You may be a small scale enterprise or an enterprise sized enterprise, or a government entity - whatever you may be, it is time to realise that you are living, eating and breathing cyber risk and cyber threats and that you need to secure yourself.
Information Security is not too difficult if you really get down to doing it, so just don't put this off. In case you have a new excuse - drop me a line and I shall help you shoot it down. And, if you have a question, link with me on GlobalLinker.