How concerned should startups be about cybersecurity?

1- Very worried40%

2 - Somewhat concerned51%

3 - Low priority6%

4 - Not concerned at all1%


5k views1 Upvote4 Comments

CISO, 1,001 - 5,000 employees
If you’re going to collect any kind of data, you should be thinking about how you’re going to protect that data. On our news feed that we have coming in, every day there’s a new new breach that we hear about. Security is a problem and until we have a security-first mindset as a startup, then we’re going to keep having these problems.

And it’s only going to get worse because people are making the same problems that are very easy to fix. For example, they’re not configuring S3 buckets properly or not patching external facing systems properly. People are getting that because of these common issues and then ‘script kiddies’ and people that aren’t experts in security are black-hat hacking or finding issues and sucking down data. People really need to start thinking about problems earlier.
CISO in Software, 201 - 500 employees
All of the options may apply, depending on the situation and task at hand. Startups rarely have full-time security personnel. At the same time, there should be security-savvy people who can provide informal guidance and advice and ensure the product is built on secure engineering principles -- and this includes knowing when to worry and when to be relaxed. The systematic approach, governance, policies, security operations and everything can come later when the product proves to be viable, but if the backgrounds are designed poorly, no-one would fix that, ever.
CTO in Software, 201 - 500 employees
"Should" doesn't make it so 🙂 Of course it is best if cyber security awareness is there from the very start and best practices are organically incorporated, but for most startups to survive they need to have an almost maniacal focus on the subject matter (product, service, etc.) So, unless cyber security is critical/integral to that pursuit it's not likely to get much attention. It is what it is, not what it should be 🙂
Director of Technology Strategy in Services (non-Government), 2 - 10 employees
It's easier to address it from the start than to add it back in later.

Content you might like

IPA has significantly improved our operations.7%

IPA has not brought much change to our operations.34%

IPA is very similar to traditional automation in our company.25%

IPA is quite different from traditional automation in our company.10%

Our company had a smooth implementation of IPA.2%

Our company faced some challenges during the implementation of IPA.5%

Our organization has integrated IPA with other technologies such as RPA and BPM.2%

Our organization has not yet integrated IPA with other technologies.8%

We have not yet encountered any significant challenges with IPA.2%

Our organization has automated some processes using IPA.2%


1.4k views1 Upvote1 Comment

CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
46.4k views133 Upvotes323 Comments

Yes - Maine did the right thing. There are too many security risks with free versions of these tools. Not enough copyright or privacy protections of data.30%

No, but.... - You must have good security and privacy policies in place for ChatGPT (and other GenAI apps). My organization has policies and meaningful ways to enforce those policies and procedures for staff.56%

No - Bans simply don't work. Even without policies, this action hurts innovation and sends the wrong message to staff and the world about our organization.9%

I'm not sure. This action by Maine makes me think. Let me get back to you in a few weeks (or months).3%


8.8k views9 Upvotes1 Comment