Content

From the startup to the enterprise: where cyber fits in the growth trajectory

Jill Aitoro

Starting a new business by definition is risky. It’s why early on in Silicon Valley you heard that catchy, albeit completely ill-conceived motto of  ‘fail fast, fail often.’ 

But while entrepreneurs understand many aspects of the careful balance of risk versus reward – the successful ones anyway – consideration of the security of systems and data often comes later. It’s not ignored, mind you. But whether it’s a line item in the business plan presented to venture investors is another story.

Shouldn’t it be though? Considering how vulnerability management evolves right along with a business’s growth trajectory, shouldn’t every milestone in business expansion bring new security considerations? From startup, to small business, to mid-size business to enterprise: how does a company evolve its investments and priorities to ensure security keeps up with expansion? Vice versa, how does a startup avoid overinvesting too soon, sacrificing pressure dollars?

That is the puzzle that I’ll be tackling with Michael Smith, CEO of Rising Tide Cybersecurity Management, during SC Media’s Vulnerability Management Virtual Conference, Dec. 16-17. And it is a puzzle. As Smith told me recently, enterprise security is built for stability, while startup security is built for speed. But in all cases, investment in vulnerability management can make or break a business – depending on whether it’s done right or done wrong.

Consider the company developing a health care app; certainly, that company will need to comply with HIPPA regulations in its handling of patient data. But it might not make economic sense to filter those venture capital funds into compliance during the early days of app development, before the business even has any users. Of course, do it too late and the company could fall behind on the plan for rollout. Consider too the small business looking to get acquired: invest too much in security and watch your liquidity disappear; invest too little or invest wrong, and market value takes a hit.  

Like I said, it’s a puzzle. 

Be sure to register to catch my conversation with Smith on these very topics, and while you’re at it, tune in to hear Brandon Hoffman, chief information security officer at Netenrich; Malcolm Harkins, chief security and trust officer at Cymatic, and many more incredible speakers as we break down the modern-day security leader’s approach to vulnerability management.

Jill Aitoro

Jill Aitoro leads editorial for SC Media, and content strategy for parent company CyberRisk Alliance. She 20 years of experience editing and reporting on technology, business and policy.

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.