How concerned should startups be about cybersecurity?
1- Very worried35%
2 - Somewhat concerned56%
3 - Low priority6%
4 - Not concerned at all1%
846 PARTICIPANTS
Sort By:
Oldest
CISO in Software4 years ago
All of the options may apply, depending on the situation and task at hand. Startups rarely have full-time security personnel. At the same time, there should be security-savvy people who can provide informal guidance and advice and ensure the product is built on secure engineering principles -- and this includes knowing when to worry and when to be relaxed. The systematic approach, governance, policies, security operations and everything can come later when the product proves to be viable, but if the backgrounds are designed poorly, no-one would fix that, ever.CTO in Software3 years ago
"Should" doesn't make it so 🙂 Of course it is best if cyber security awareness is there from the very start and best practices are organically incorporated, but for most startups to survive they need to have an almost maniacal focus on the subject matter (product, service, etc.) So, unless cyber security is critical/integral to that pursuit it's not likely to get much attention. It is what it is, not what it should be 🙂Director of Technology Strategy in Services (non-Government)3 years ago
It's easier to address it from the start than to add it back in later.
And it’s only going to get worse because people are making the same problems that are very easy to fix. For example, they’re not configuring S3 buckets properly or not patching external facing systems properly. People are getting that because of these common issues and then ‘script kiddies’ and people that aren’t experts in security are black-hat hacking or finding issues and sucking down data. People really need to start thinking about problems earlier.