Last week our partners at PwC joined us at CodeBase to answer some tenant questions around cyber security and what those starting out and scaling up need to think about (and when). Cyber attacks are becoming mainstream, regularly making front page news - you can even now buy botnets to instigate DDoS attacks. Colin Slater and Ross Foley at PwC painted a picture of train services, motorway gantries, automated systems for shipping being changed or disabled, with potentially chaotic results.
Tech companies have a duty of care to protect their assets and their information. The ideal of well organised and secure data is often far from the case - data lakes/ponds are sometimes referred to as data cesspits. Investors will want to know how you care for this data - are you managing it end to end? Do you understand the risks around the technology? Are you producing metrics that are easy to understand?
When you're a startup with hundreds of plates spinning, it can be easy to feel overwhelmed with cyber security. While it might feel impossible to tick every box, the important thing is good intentions and doing the right thing - making sure you're aware of the basics, and using best practice at every opportunity. Some tips from their presentation below.
Finally, Colin's advice is to sit down and think about what the worst thing that could happen to your company with regards to cyber security could be - "get nasty" he says. Put yourself in the shoes of someone trying to do you damage, and think through what the weaknesses are. Take the time to do this - there's zero ROI for cyber security until something goes wrong.