0%

Add cybersecurity to your value proposition and protect your company from cyberattacks

Cybersecurity is now a requirement for every company in the world regardless of size or industry. Start-Up Secure: Baking Cybersecurity into Your Company from Founding to Exit covers everything a founder, entrepreneur and venture capitalist should know when building a secure company in today’s world. It takes you step-by-step through the cybersecurity moves you need to make at every stage, from landing your first round of funding through to a successful exit. The book describes how to include security and privacy from the start and build a cyber resilient company. You'll learn the basic cybersecurity concepts every founder needs to know, and you'll see how baking in security drives the value proposition for your startup’s target market. This book will also show you how to scale cybersecurity within your organization, even if you aren’t an expert!

Cybersecurity as a whole can be overwhelming for startup founders. Start-Up Secure breaks down the essentials so you can determine what is right for your start-up and your customers. You’ll learn techniques, tools, and strategies that will ensure data security for yourself, your customers, your funders, and your employees. Pick and choose the suggestions that make the most sense for your situation—based on the solid information in this book.

  • Get primed on the basic cybersecurity concepts every founder needs to know
  • Learn how to use cybersecurity know-how to add to your value proposition
  • Ensure that your company stays secure through all its phases, and scale cybersecurity wisely as your business grows
  • Make a clean and successful exit with the peace of mind that comes with knowing your company's data is fully secure

Start-Up Secure is the go-to source on cybersecurity for start-up entrepreneurs, leaders, and individual contributors who need to select the right frameworks and standards at every phase of the entrepreneurial journey.

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright
  4. Dedication
  5. Foreword
  6. Preface
    1. WHY WRITE THIS BOOK?
    2. NOTES
  7. Acknowledgments
  8. About the Author
  9. Introduction
    1. ABOUT THIS BOOK
    2. HOW TO USE THIS BOOK
  10. PART ONE: Fundamentals
    1. CHAPTER ONE: Minimum Security Investment for Maximum Risk Reduction
    2. COMMUNICATING YOUR CYBERSECURITY
    3. EMAIL SECURITY
    4. SECURE YOUR CREDENTIALS
    5. SAAS CAN BE SECURE
    6. PATCHING
    7. ANTIVIRUS IS STILL NECESSARY BUT GOES BY A DIFFERENT NAME
    8. MOBILE DEVICES
    9. SUMMARY
    10. ACTION PLAN
    11. NOTES
    12. CHAPTER TWO: Cybersecurity Strategy and Roadmap Development
    13. WHAT TYPE OF BUSINESS IS THIS?
    14. WHAT TYPES OF CUSTOMERS WILL WE SELL TO?
    15. WHAT TYPES OF INFORMATION WILL THE BUSINESS CONSUME?
    16. WHAT TYPES OF INFORMATION WILL THE BUSINESS CREATE?
    17. WHERE GEOGRAPHICALLY WILL BUSINESS BE CONDUCTED?
    18. BUILDING THE ROADMAP
    19. CASE STUDY
    20. SUMMARY
    21. ACTION PLAN
    22. NOTE
    23. CHAPTER THREE: Secure Your Credentials
    24. PASSWORD MANAGERS
    25. PASSPHRASE
    26. MULTI-FACTOR AUTHENTICATION
    27. ENTITLEMENTS
    28. KEY MANAGEMENT
    29. CASE STUDY
    30. SUMMARY
    31. ACTION PLAN
    32. NOTES
    33. CHAPTER FOUR: Endpoint Protection
    34. VENDORS
    35. SELECTING AN EDR
    36. MANAGED DETECTION AND RESPONSE
    37. CASE STUDY
    38. SUMMARY
    39. ACTION PLAN
    40. NOTES
    41. CHAPTER FIVE: Your Office Network
    42. YOUR FIRST OFFICE SPACE
    43. CO-WORKING SPACES
    44. VIRTUAL PRIVATE NETWORK
    45. SUMMARY
    46. ACTION PLAN
    47. NOTES
    48. CHAPTER SIX: Your Product in the Cloud
    49. SECURE YOUR CLOUD PROVIDER ACCOUNTS
    50. PROTECT YOUR WORKLOADS
    51. SECURE YOUR CONTAINERS
    52. SUMMARY
    53. ACTION PLAN
    54. NOTES
    55. CHAPTER SEVEN: Information Technology
    56. ASSET MANAGEMENT
    57. IDENTITY AND ACCESS MANAGEMENT
    58. SUMMARY
    59. ACTION PLAN
  11. PART TWO: Growing the Team
    1. CHAPTER EIGHT: Hiring, Outsourcing, or Hybrid
    2. CATALYSTS TO HIRING
    3. GET THE FIRST HIRE RIGHT
    4. EXECUTIVE VERSUS INDIVIDUAL CONTRIBUTOR
    5. RECRUITING
    6. JOB DESCRIPTIONS
    7. INTERVIEWING
    8. FIRST 90 DAYS IS A MYTH
    9. SUMMARY
    10. ACTION PLAN
    11. NOTE
  12. PART THREE: Maturation
    1. CHAPTER NINE: Compliance
    2. MASTER SERVICE AGREEMENTS, TERMS AND CONDITIONS, OH MY
    3. PATCH AND VULNERABILITY MANAGEMENT
    4. ANTIVIRUS
    5. AUDITING
    6. INCIDENT RESPONSE
    7. POLICIES AND CONTROLS
    8. CHANGE MANAGEMENT
    9. ENCRYPTION
    10. DATA LOSS PREVENTION
    11. DATA PROCESSING AGREEMENT
    12. SUMMARY
    13. ACTION PLAN
    14. NOTE
    15. CHAPTER TEN: Industry and Government Standards and Regulations
    16. OPEN SOURCE
    17. UNITED STATES PUBLIC
    18. RETAIL
    19. ENERGY, OIL, AND GAS
    20. HEALTH
    21. FINANCIAL
    22. EDUCATION
    23. INTERNATIONAL
    24. UNITED STATES FEDERAL AND STATE GOVERNMENT
    25. SUMMARY
    26. ACTION PLAN
    27. NOTES
    28. CHAPTER ELEVEN: Communicating Your Cybersecurity Posture and Maturity to Customers
    29. CERTIFICATIONS AND AUDITS
    30. QUESTIONNAIRES
    31. SHARING DATA WITH YOUR CUSTOMER
    32. CASE STUDY
    33. SUMMARY
    34. ACTION PLAN
    35. NOTES
    36. CHAPTER TWELVE: When the Breach Happens
    37. CYBER INSURANCE
    38. INCIDENT RESPONSE RETAINERS
    39. THE INCIDENT
    40. TABLETOP EXERCISES
    41. SUMMARY
    42. ACTION PLAN
    43. NOTE
    44. CHAPTER THIRTEEN: Secure Development
    45. FRAMEWORKS
    46. MICROSOFT SDL
    47. PRE-COMMIT
    48. INTEGRATED DEVELOPMENT ENVIRONMENT
    49. COMMIT
    50. BUILD
    51. PENETRATION TESTING
    52. SUMMARY
    53. ACTION PLAN
    54. NOTES
    55. CHAPTER FOURTEEN: Third-Party Risk
    56. TERMS AND CONDITIONS
    57. SHOULD I REVIEW THIS VENDOR?
    58. WHAT TO ASK AND LOOK FOR
    59. SUMMARY
    60. ACTION PLAN
    61. NOTE
    62. CHAPTER FIFTEEN: Bringing It All Together
  13. Glossary
  14. Index
  15. End User License Agreement
54.152.216.170