Add cybersecurity to your value proposition and protect your company from cyberattacks
Cybersecurity is now a requirement for every company in the world regardless of size or industry. Start-Up Secure: Baking Cybersecurity into Your Company from Founding to Exit covers everything a founder, entrepreneur and venture capitalist should know when building a secure company in today's world. It takes you step-by-step through the cybersecurity moves you need to make at every stage, from landing your first round of funding through to a successful exit. The book describes how to include security and privacy from the start and build a cyber resilient company. You'll learn the basic cybersecurity concepts every founder needs to know, and you'll see how baking in security drives the value proposition for your startup's target market. This book will also show you how to scale cybersecurity within your organization, even if you aren't an expert!
Cybersecurity as a whole can be overwhelming for startup founders. Start-Up Secure breaks down the essentials so you can determine what is right for your start-up and your customers. You'll learn techniques, tools, and strategies that will ensure data security for yourself, your customers, your funders, and your employees. Pick and choose the suggestions that make the most sense for your situation--based on the solid information in this book.
* Get primed on the basic cybersecurity concepts every founder needs to know
* Learn how to use cybersecurity know-how to add to your value proposition
* Ensure that your company stays secure through all its phases, and scale cybersecurity wisely as your business grows
* Make a clean and successful exit with the peace of mind that comes with knowing your company's data is fully secure
Start-Up Secure is the go-to source on cybersecurity for start-up entrepreneurs, leaders, and individual contributors who need to select the right frameworks and standards at every phase of the entrepreneurial journey.
Autorentext
CHRIS CASTALDO is the Chief Information Security Officer at Crossbeam, the world's first and most powerful partner ecosystem platform. Crossbeam acts as a data escrow service that finds overlapping customers and prospects with your partners while keeping the rest of your data private and secure. Chris is also a Visiting Fellow at the National Security Institute at George Mason University's Antonin Scalia Law School. He previously held cybersecurity executive roles at Dataminr, 2U, IronNet Cybersecurity, Synchronoss, and the National Security Agency. He is a U.S. Army and Operation Iraqi Freedom veteran.
Klappentext
PRAISE FOR
START-UP SECURE
A must-read for any start-up organization whether they are providing an application or developing the next great widget. Chris has taken a complex subject and made it relatively simple with step-by-step examples and references to help founders understand their threats. If you are building an organization and plan to be acquired, Chris covers the elements that will happen in a review and highlights the importance of addressing them upfront to reduce costs and make your assessment or funding round as painless as possible.
HAROLD MOSS, former CTO, IBM
Cybersecurity is often one of the things that early stage companies deferand in doing so, they put their data, their reputations, and their businesses at significant risk. Chris Castaldo offers a clear, comprehensive, and actionable approach to making information security a cornerstone of a modern company's construction and does so with eloquence and precision. It's the closest thing to having the ability to hire a seasoned CISO on day one and should be essential reading for every founder.
KEVIN O'BRIEN, CEO and Co-founder, GreatHorn
Chris works to bring a valuable introduction to security basics for the start-up world in a practical, relatable way.
ANNE MARIE ZETTLEMOYER, Vice President, Security Engineering, Payments Industry; Visiting Fellow, National Security Institute
In Start-Up Secure Chris Castaldo does an exceptional job of covering the core essentials founders need when building their companies. He develops the groundwork for entrepreneurs to incorporate sound IT and cybersecurity practices into their start-ups as part of their innovative culture. His book is a great read; I found myself taking notes and really enjoyed the experience. I feel it will provide value to everyone in the start-up community for years to come and can't wait to see what he writes next.
GARY HAYSLIP, CISO, SoftBank Investment Advisers
Start-up security has been an afterthought for far too long, getting pushed to later stages, and yet a single data breach might doom your fledgling business. Unfortunately, far too many fast growing start-ups fall into this trap and have to deal with the impossible public relations nightmare after a breach. Delay no more! In this thoughtful and approachable book, Chris Castaldo gives you an actionable roadmap to mitigate this massive, yet snubbed, risk to your business. You can easily use this book to get your security program going at any budget or team size. Pick it up, read it, and get implementing.
SINAN EREN, CEO and founder, Fyde
Inhalt
Foreword xv
Preface xvii
Acknowledgments xxi
About the Author xxv
Introduction 1
Part I Fundamentals
Chapter 1: Minimum Security Investment for Maximum Risk Reduction 7
Communicating Your Cybersecurity 9
Email Security 10
Secure Your Credentials 12
SAAS Can Be Secure 14
Patching 15
Antivirus is Still Necessary but Goes by a Different Name 18
Mobile Devices 18
Summary 20
Action Plan 20
Notes 21
Chapter 2: Cybersecurity Strategy and Roadmap Development 23
What Type of Business is This? 24
What Types of Customers Will We Sell To? 24
What Types of Information Will the Business Consume? 25
What Types of Information Will the Business Create? 25
Where Geographically Will Business Be Conducted? 26
Building the Roadmap 26
Opening Statement 26
Stakeholders 27
Tactics 27
Measurability 27
Case Study 28
Summary 30
Action Plan 30
Note 30
Chapter 3: Secure Your Credentials 31
Password Managers 32
Passphrase 33
Multi-Factor Authentication 35
Entitlements 37
Key Management 38
Case Study 39
Summary 41
Action Plan 42
Notes 42
Chapter 4: Endpoint Protection 43
Vendors 44
Selecting an EDR 45
Managed Detection and Response 46
Case Study 49
Summary 50
Action Plan 51
Notes 51
Chapter 5: Your Office Network 53
Your First Office Space 54
Co-Working Spaces 57
Virtual Private Network 58
Summary 60
Action Plan 60
Notes 60
Chapter 6: Your Product in the Cloud 63
Secure Your Cloud Provider Accounts 65
Protect Your Workloads 66
Patching 67
Endpoint Protection 68
Secure Your Containers 69
Summary 70
Action Plan 70
Notes 71
Chapter 7: Information Technology 73
Asset Management 74
Identity and Access Management 76
Summary 77
Action Plan 78
Part II Growing the Team
Chapter 8: Hiring, Outsourcing, or Hybrid 81
Catalysts to Hiring 82
Get the First Hire Right 83
Executive versus Individual Contributor 84
Recruiting 86
Job Descriptions 86
Interviewing 88
First 90 Days is a Myth 90
Summary 90
Action Plan 90
Note 91