iWeb Blog

At iWeb, we help manage your IT infrastructure so you can focus on growing your business. And that's why we publish articles here that we think will be of interest to founders, executives, IT professionals...and anyone interested in building successful businesses.

Code on device

Founders’ Reading List: 5 Security Gaps in Startups

February 20, 2019

Let’s establish one thing right away: startups are nearly as vulnerable to security breaches as Fortune 500 companies. However, big businesses can survive data breaches. Small businesses, like startups, have a harder time doing so. In 2017, 61% of cyber attack victims were businesses with under 1,000 people (.pdf warning). Because these attacks are costly, it’s estimated that 60% of small businesses who have suffered a cyber attack will go out of business within six months.

So what’s a startup to do with these sobering statistics?

Fully Consider Your Specific Threats

Long before you see launch day, every startup needs to do a security risk assessment and regular gap analyses. This is an all-hands-on-deck situation, and ideally those hands include your lawyer and a security engineer. Startups who screw up their security risk assessment by either not giving it their full attention or not doing it until after they’ve launched are startups more likely to fail.

Involve Security In IT Strategy

When you’re considering things like dedicated web hosting versus managed web hosting, security needs to be part of the equation. There are plenty of financial and strategic reasons to choose one or the other, but security needs to be involved in the decision so resources can be deployed properly.

Don’t Invest in the Wrong Security Tools

There are lots of excellent security tools out there. Many are startup friendly. Some are even free. You may want packet sniffers, network intrusion detectors, penetration testers, debuggers . . . you get the idea. However, with a low burn rate being very important to startups, it’s important to invest your security budget in the right tools.

This goes back to your security risk assessment. The priorities that assessment identified should be reflected in the security budget.

Don’t Ignore the Basics

Strong passwords. Two-factor authentication. Training against phishing attacks. You’ve seen these topics written about to death. But guess what? Security basics are where most startups go wrong. Only a quarter of workers are using two-factor authentication, which should be a standard practice. Moreover, nearly everyone gets phishing emails and three quarters of businesses suffered from phishing attacks last year. Good security starts with the basics.

Consider Professional Cybersecurity

Your startup may not have the expertise to manage cybersecurity. Or it may not have the time. Or your security needs may be relatively minimal, even though you still value good security. In that case, it may be smart to hire a cybersecurity firm, expert, or managed hosting provider to assess your needs and help you out.

Remember, the cost of hiring cybersecurity starts in the low thousands. The cost of a cybersecurity breach to a small-midsize business averages $46,000 and can grow to consume the whole company. Contact iWeb today to learn more about protecting your data and business.

Categories

Recent Posts

The consequences of skimping on website security services are widely understood. Businesses should give as much attention to executive cybersecurity. After all, the consequences of a whaling attack can be devastating.
Cybersecurity Practices for Executives
April 25, 2019
Montreal, CANADA Montreal city at sunrise. Amazing view from Mont-Royal with colorful blue buildings. Stunning panorama of Montreal downtown skyline in the fall morning.
Why We Love Montreal
March 28, 2019
Unicorn Swim Tube
Full Stack Developers: Unicorn? Or Reality?
February 7, 2019
cybercrime-hacking-and-techno-241244080
How to Prepare for a Distributed Denial-of-Service (DDoS) Attack
January 17, 2019
With fewer servers to maintain, virtualization offers savings not only on hardware but also on maintenance. Consolidating your workloads will reduce your costs. It’s the most efficient way to deploy resources, and that efficiency translates into lower operating costs.
Introduction to Virtualization
December 19, 2018
Distributed denial-of-service attacks involve a whole family of methods and techniques. The complexity of the attack dictates the complexity of the response.
Understanding Distributed Denial-of-Service Attacks
November 15, 2018
How Does a Dedicated Server Work?
How Does a Dedicated Server Work?
October 29, 2018
Managed web hosting is very different from its closest relative, dedicated web hosting. If you need a mission-critical server, don’t have the in-house expertise to manage it, or can’t spare the capacity, then managed web hosting is worth the price tag.
Understanding Managed Web Hosting
October 2, 2018