CIOTechOutlook >> Magazine >> December - 2015 issue

Why is Security Critical For New Age Businesses

By

Headquartered in Vadodara, Gujarat, Indusface is a SaaS-based security company providing Total Application Security that ‘detects, protects, and monitors’ web and mobile applications.


Apart from huge financial repercussions, a single data breach incident can severely damage the reputation of a company for years to come.

Most of the data breach incidents that we hear about involve large companies, with losses amounting to billions of dollars. But do these stories, or any other breach story for that matter, tell us about how startups and new-age cloud businesses suffer from information security lapses?

It is important to consider the fact that a much larger part of the problem is with smaller companies.Take this data for instance. According to the US Census Bureau, out of all the employers in the United States, 99.7 percent have less than 500 employees. If you break down that data a bit more, 89.8 percent of these businesses have less than 20 employees. The data resonates with most countries in the world including Australia, Brazil, India, France, Italy, and Japan. That’s the strength of startup businesses and that is why it’s a chunk of the security process.
Never too small for a hacker
Any business that believes it is too small to be of interest to a cybercriminal could be in for a rude shock. According to a security survey conducted by PwC, 87 percent of SMEs have had a security breach in the last year.

A global data breach analysis by the Ponemon Institute reveals:
• The average cost of a data breach is $3.79 million.
• There has been a 23 percent rise in data breach cost in the last two years.
• Every stolen record from the database costs $154 on an average.
• India stands second in average number of breached records by countries.

Although the financial repercussions are huge, startups and new-age cloud companies also need to be wary of reputation damage. Their battle for existence and preference over competition depend solely on what customers and prospects presume about the business. And a single data breach or website outage incident can damage that for years to come.

The rapidly evolving cyberspace is also witnessing a change in the nature of threats and vulnerabilities that affect every online business, big or small. With new age businesses increasingly using cloud and mobile infrastructure, the exposure to external threats is only increasing. Some of the common incidents like DDoS attacks specifically target smaller, more vulnerable businesses with weak security infrastructure.

Need for Effective Security Intelligence
It’s understandable that information security is not a priority for small businesses focused on raising capital, promoting products and managing people. However, it cannot be ignored either. Hackers continuously look for weak websites and database to hold them for ransom or breach sensitive information to be sold in the black market.

Studies have shown that average per capita cost (total cost of breach divided by number of stolen or lost records) for data breaches outweighs security expenses by huge numbers even when we have not calculated the loss of reputation and drop in traffic and business.

The big questions are: Can you afford security? Does the security model for startups need to be different from enterprise one?
Not necessarily. They should also get enterprise-grade security models that are comprehensive but not overly complex. What they need is a ‘Total Application Security’ Model that empowers websites or online businesses with continuous monitoring and security that does not need to be micromanaged.

Detect, Protect, Monitor Approach for Total Application Security
What are the key obstacles to website security? One, startups do not know if their website can be hacked or not. Even if they test it once, applications are updated frequently and there is no way to get vulnerability updates on that.

Three, bad people are just waiting to launch DDoS (distributed denial-of-services) attacks with these fancy bots and machines that send so much traffic to the website that the server crashes.


On The Deck

CXO Insights

M2M: Communication will Drive the Future of...

By Bhavin Barbhaya - VP, Network & Data Center, AGC Networks Limited

How much does one hour of downtime cost your...

By Srinivasan CR, Senior Vice President, Global Product Management & Data Centre Services, Tata Communications

Improving Customer Experience with a Dedicated...

By Nitin Singhal, Senior Director, CX Solutions, Oracle India

Facebook