August 13, 2015
For technology startups, maintaining strong security controls remains vital to winning new business opportunities and strengthening existing relationships. Despite the global spike in cybersecurity attacks (there were 42.8 million detected cybersecurity attacks in 2014), big companies continue leveraging technology startup vendors to help perform mission-critical business functions containing access to personally identifiable information (PII), protected health information (PHI), and personal financial information (PFI). However, larger enterprises are conducting more due diligence than ever before at the outset of their procurement process, evaluating their technology vendor’s security policies and procedures and assessing the service provider’s ability to remain resilient and recover data in the event of a security breach.

Increasingly, sophisticated cybercriminals are infiltrating smaller technology providers as outlets to exploit PII, PHI, and PFI, and using such attacks to steal valuable intellectual property and disrupt critical business processes. Surprisingly, many technology startups lag behind their more mature counterparts in implementing and maintaining effective controls against common cybersecurity risks. In response, larger enterprises are prioritizing how they manage their global cybersecurity exposure, especially when engaging technology startup vendors. Technology startups planning to target large businesses should invest the time and effort to create and maintain a documented and well-organized set of information security protocols.

To view the full alert, click here.