Security Top Five For Small Software Companies

Posted on 2013-10-10
Medium Priority
Last Modified: 2016-03-23
In order to be ready to go public - what five security practices would be most essential to implement early on for a small software company? They are very small right now and without any IT staff, but they hope to go public in, say, two to three years. What practices could they start doing early on so as to be in the best shape when they are big enough to start bringing on a Security guy etc. in the run-up to IPO?
Question by:amigan_99
LVL 66

Accepted Solution

btan earned 2000 total points
ID: 39565156
No special formula from what I see, but checked out the roadmap of recent cyber security companies such as FireEye and Palo Alto. It is not solely the unique technology that makes value but the people and team that walk the security into action and prove their worth with a customer base ranging from govt to private.

Personally, I see it as you need evidence ready to gain public confidence in the
a) company expertise (not famed but well respected security mgmt),
b) company values (uniqueness and security ROI - how you measure)
c) company contribution assurances (VC, top customer and their use cases, 3rd party view)
d) Market security demand (where are the gaps and what fits - don't look at all in one)
e) Global threat landscape and trend (recent news and hype, what works and fails)

Possible reasons why they go IPO
- hacking and cyber attacks are becoming quite regular in the news cycle
- a lot of that are looking for data protection
- reports keep coming and the money for security products keeps flowing
- unique security solutions provider (e.g. prevent and not detect, solving tough attacks like zero days or minimally reducing the exposure windows ...)

There is never a correct or right time to enter, but it is always good to plan as you are doing now. Check out the IPO papers (Form S-1) from those companies - if you think you have difficulty filling them in, those are the gaps to address (not all are about technology). Definitely identifying a security advisor and getting into the security community networks are critical too... Build Trust



Palo Alto Networks


Author Closing Comment

ID: 39565674
Thanks for the excellent ideas and references.
