According to The Economic Times survey, more than 39,000 Indian startups sprung up in 2020-21 that have created almost 4,70,000 jobs. Indian nation currently claims to have the third largest startup ecosystem in the world. In fact, in 2020 alone, despite the pandemic situation, the government opened up the space for private players to serve the country on space and satellite projects with funding, teams and structure. This number is expected to rise fast as technology plays a pivotal role to unlock India’s potential in space, aerospace, astrophysics and other emerging areas.
But startups will have to ensure stronger cyber-defenses. Statistics prove that when it comes to cyber risks, the size of an organization is irrelevant. According to Ponemon Institute’s research, 67% startups suffer data breach or any other cyber incident within one year of inception. Adding to this, Forbes has found that phishing and ransomware attacks among startups have risen to almost 300%.
It precisely points out that cyber criminals are no more concerned about the volume of data, or the size of an organization.
Where is the concern?
We are dwelling in the era of digitalization. Today, the business startups that are mushrooming across the country require technical prowess to survive the cut-throat competition. In order to stay a step ahead, most of the startups bank on advanced technologies. It is a ripe time for aspiring entrepreneurs to ensure secure IT practices right from the initiation of business. Today, even small businesses are equally at the risk of cyber threats as large enterprises. A preconceived notion that your business is too small to be a target is no more a fact.
Small startups typically have vulnerable IT defences, less cybersecurity awareness, less/ no resources to heep a vigil on cybersecurity and the response is typically slower to any cyber incident. This makes them more vulnerable targets to cyber criminals compared to larger organizations.
Compliance is another challenge! Even the smallest startups have access to a huge customer database that might fall under data regulations. Losing a hefty amount of money in a single stray incident might not only malign the credibility of the startup, but also bankrupt it beyond recovery. Thus, a startup becomes a soft target for hackers as chances of fight-back or other preventive consequences are too bleak.
Why is Cyber Resilience necessary?
Small startups need to be active, aware and knowledgeable about emerging threat patterns and how to address them. Today, most of the startups are directly or indirectly associated with ecommerce platforms.
The post pandemic era has witnessed a whooping demand for digital payment modes in every aspect of our lives. Technology and ecommerce startups make and receive a high volume of digital payments along with huge storage and processing of data records. Thus, startups, even with small IT infrastructure, become prone to vulnerabilities like weak access controls, authentication, and lack of monitoring of insider and third-party IT activities.
There have been instances where identity and access management vulnerabilities have led to data breaches. For startups, a single similar incident might work as a barrier to the establishment of brand value and reputation.
In this backdrop, a robust identity and access management practice is highly imperative for business startups as it allows the administrators to ensure authorized access for every login. A robust identity and access management system can ensure that each and every access to data resources is safe and secure.
In addition, some generic cautiousness can ensure no unwanted interruption in the business process for new ventures. These include adhering to the compliance standards, incorporating robust password management policy, and appointing a dedicated team (even if small, maybe 2 / 3 people) for regular end to end monitoring.
Business Startups are the future of any nation. Hence, if it remains vulnerable to IT threats, then the nation’s growing economy can be marred by uncertainty. Numerous threat patterns target small businesses every now and then. The best way to prevent these threats is to have a comprehensive set of IT security tools in place, and to utilize Security Awareness Training to ensure that the users are aware of the threat patterns. This way, business startups can meet their revenue goals and contribute to the GDP.