Security Checklist for Startups

Here at ThreatMatrix, we’re always on the lookout for good quality, non-FUD security tips to share with our readers. That’s why we’re happy to point you to a useful startup security checklist that a company named sqreen has created. The company offers a good tactical checklist of activities that, absent a more focused strategy and singular point of ownership, can get your company past some of the preliminary hurdles startups will face.

Startups are hustling to get funding, engineering, and innovative products off the ground and often they (unintentionally) don’t spend the time needed to responsibly secure their company, venture capitalists (VCs), and beta customers. Innovation is key in the world of startups, but without the proper security measures in place, you’ll quickly lose all that hard-earned trust from both VCs and customers, not to mention your own employees.

It’s also important to note that some sales can be lost without adequate controls. As your company looks to larger customers, the maturity of their vendor risk programs may require external attestation to the controls you have in place. For example, it’s now commonplace for customers to ask for SOC 2 Type II reports or ISO 27001 certifications. In one fell swoop, all that work you put into your startup could amount to nothing.

So, startup CTOs, take note of this list. Even if you’re not a security expert yet, get these pieces safely into place and you’ve laid the groundwork for the company, your CEO, and the all-important Board of Directors.

The checklist not only documents what pieces of your security infrastructure to get in place, but also at what stage of the company you need to complete it. That seed round where everyone around you is hyper focused on pitching and getting funding is when you, as CTO, (Read more...)

*** This is a Security Bloggers Network syndicated blog from Cylance Blog authored by Cylance Research and Intelligence Team. Read the original post at: