Information security in an insecure world

If I could give only one piece advice for CTOs and IT teams, it would be this: Data security is not just an IT task—it comes down to people and processes. As a startup CTO, you’re often going to lead the charge when it comes to information security for your firm.  

According to the Identity Theft Resource Center, U.S. companies and government agencies suffered a record 1,093 data breaches in 2016—a 40 percent increase over 2015. We’ve all seen the headlines and the high-profile victims, but attackers don’t discriminate when it comes to security breaches. Any company can become a victim, leading to losses of your data, your customers’ data, financial information, proprietary product information, and, ultimately, a loss of goodwill in the market. As more processes move online and into the cloud, companies increasingly feel this burden of staying secure.

The solution? Establish information security standards

To reduce your risk of an incident or breach, I highly recommend obtaining an information security certification that makes sense for the markets that your firm serves. In addition to making your data and services safer, it will give your customers peace of mind and provide a competitive advantage in the market. 

It will also help lower expenses or prevent loss of business due to interruptions in service or data leakage. If your company has been growing rapidly, obtaining a certification will provide an organized method for escalation and response to security incidents and will force you to define responsibilities, such as who will manage information assets, who has the right to access certain systems, and how to manage the offboarding of employees so they don’t take your data with them.

Leave a Reply

Your email address will not be published. Required fields are marked *