From the course: Building an Effective Cybersecurity Program for Your Startup
Leveraging assessments
- [Instructor] Assessments can help you understand where your cybersecurity program stands today, as well as the steps you may want to take to better align it with your business goals going forward. To do this effectively, it's important that you understand the different types of cybersecurity assessments, how they're performed, then what to expect from each outcome. First and foremost, assessments are qualitative exercises. They're often a point-in-time snapshot of a specific aspect of your cybersecurity program, and the results can range from general observations and recommendations to very specific, detailed findings. That said, every assessment worth the time and money that you invest into it should come with detailed guidance for the steps you should take next, and if the folks conducting your cybersecurity assessments aren't mapping their efforts to your startup's business goals, then they're missing out on an opportunity to help you articulate the business value of your cybersecurity program to your partners, your prospects, and your customers. I mentioned earlier that security and privacy are market differentiators, but don't take my word for it, take Apple's. In May of 2022, Apple released an ad titled "Data Auction." You can watch the full 94-second ad at this link, and I highly recommend that you do so. In this ad, a young woman at a record store stumbles across a secret auction where the auctioneer is selling all of her personal data. The ad doesn't tout features like screen size or download speeds; instead, it sells one single idea: that Apple enables users to quickly and simply take control of their digital privacy. It's a powerful ad, and one that, at first glance, may seem entirely unnecessary for a company that sold 239 million iPhones in 2021. Do they really need to be making commercials about digital privacy?
More to the point, if Apple sees security and privacy as market differentiators, would your startup benefit from adopting a similar perspective? Effective cybersecurity programs are a consumer expectation. They don't want to know the details, but they do want to know that they can trust your startup with their data. And those expectations are even more pronounced for your partners and your business-to-business customers. Without an assurance of mutual trust, those relationships will be short-lived. Building cybersecurity into your startup helps establish that trust and build those relationships, and assessments are the tools you should be using to build a program that's right for your startup. There are four types of cybersecurity assessments I recommend for every startup: risk assessments, security control assessments, compliance assessments, and penetration tests. I recommend that you perform each one and that you perform them in this order. In the next few videos, I'll break down each type of assessment to help your startup maximize the value from each one.