Last year, cab aggregator Uber and restaurant search and ordering platform Zomato witnessed major data security breaches, with almost 57 million and 17 million exposed records, respectively.
Digital security company Gemalto states that in 2017, almost 2.6 billion records worldwide were stolen, lost or exposed.
“Cybersecurity attacks are becoming increasingly sophisticated,” says Manish Srivastava, CTO and co-founder, LitmusWorld, an enterprise SaaS business platform.
As start-ups look to grow and thrive, safeguarding data has become one of the foremost challenges that ventures need to tackle.
According to Shrenik Bhayani, general manager, South Asia, Kaspersky Lab, a global cybersecurity company, cybersecurity today has become an important aspect of the business. “Any small/medium enterprise that has any of their work conducted through the internet is vulnerable.”
In the second quarter of 2017, Kaspersky Lab experienced a huge wave of in-the-wild vulnerabilities due to a large number of exploits being leaked on the web, which affected multiple business enterprises. “With the consequences of data breaches becoming more expensive and destructive, during the last 12 months, businesses faced a disturbing reality: for SMBs, the average cost of a breach reached $114K in 2018, which is 30% higher than the cost in 2017. For larger enterprises, the average financial impact of a breach now reaches upto $965K. Start-ups, we feel, are at risk in this emerging digital world,” says Bhayani.
Experts say ventures are particularly vulnerable to cyber threats such as ransomware and distributed denial-of-service attacks (DDoS). Bhayani says ransomware is a specific type of malicious software (malware) that infects digital devices over a vulnerable network. "The ransomware encrypts files on the compromised computer. Users won’t be able to access files unless they get a decryption key by paying ransom to the attackers. On the other hand, DDoS renders your server inaccessible by overwhelming your network with traffic. An hour of downtime from a DDoS attack can cost up to $20 000 for a third of companies. For high transaction websites such as e-commerce platforms, this figure can be upwards of $100,000 for every hour,’’ says Bhayani.
Besides the massive costs incurred due to cyber-attacks and breaches, ventures face a whole host of other challenges since clients and customers entrust start-ups with their data. Sriram Nagaswamy, director – engineering at predictive supply chain start-up FourKites, says the biggest concern for all customers is “how their data will be protected by both the vendor and any third party services used by the vendor. Data breach affects the entire integrity of the company.”
Moreover, since most solutions today are based on the cloud, this poses additional challenges, says Srivastava. “New regulations like GDPR and country-specific regulations to keep data within the country pose significant challenges to startups. Moreover, security solutions are expensive and need to be built into financial models upfront.”
Experts say start-ups need to invest in beefing up their systems. According to the Data Security Council of India (DSCI), the cybersecurity market in India will be $35 billion by 2025. Experts say this year; enterprises are on an average allocating up to 27% of their IT budgets towards cybersecurity.
Nagaswamy says start-ups deal with potential security threats based on their resources and capability. The new-age firms need a good security framework, says Srivastava, adding that a good place to start is the International Organization for Standardization (ISO) 27001 certification that puts in place basic mechanisms for a secure environment.
“Certifications like ISO and investing in security products are ways of providing a commitment to data security. Cloud service providers like Amazon Web Services (AWS) offer their version of security products to help startups achieve an acceptable level of security,’’ says Nagaswamy.
Moreover, startups should assign a full-time chief information security officer (CISO) to navigate through the ever-increasing security landscape, feels Srivastava.
“Also, start-ups should create innovative solutions to deal with new risks. The LitmusWorld Data Masking server for example masks personally identifiable information (PII) data before sending it to the cloud. Thus, considerably bringing down security risks associated with the cloud,” says Srivastava.
And lastly, to strengthen the ecosystem, start-ups should train employees to make them aware of potential cyber threats, says Bhayani.
“The mindset that we are too small for cybercriminals should be changed. Anyone can be a target of cybercriminals,” says Bhayani.
DATA IS THE KEY
- For a good security framework, firms should get the
- ISO 27001 certification that puts in place basic mechanisms for a secure environment
- Experts say start-ups need to invest in beefing up their systems and start-ups should assign a full-time chief information security officer
- $35 bn the cybersecurity market in India will reach by 2025 estimates Data Security Council of India
- 27% of IT budgets enterprises are allocating towards cybersecurity this year
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
 "Data security")
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
)
){kind=small}
){kind=small}
)
)
)
)
)
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}