Startups Need to Learn From Big Business

It’s a proven statistic that 90% of startups fail. There are a variety of reasons for failing to get your business off the ground, from poor marketing, not understanding the market and being in bad location to compliance problems, security issues and more. One thing that every startup can do, though, is learn one major thing from Big Business: Proper cybersecurity and code quality implementation.

On July 15th, Twitter was hacked by a 17-year old amateur. On July 23rd, fitness brand Garmin was the victim of a ransomware attack. Two days ago, on August 5th, Bank of America experienced a glitch where customer account balances incorrectly showed as $0. The BoA issue isn’t necessarily a cybersecurity issue, but it is likely a coding quality issue and the two go hand in hand.

Twitter got lucky that more damage wasn’t done, that it was a 17-year old who masterminded the operation because someone more experienced would have definitely extorted the company for millions. Which is exactly what happened to Garmin.

Garmin is believed to have been hit with WastedLocker ransomware. According to The Verge, “The attack itself began on July 23rd, and put Garmin’s wearables, apps, website, and even its call centers offline for several days. Garmin confirmed that it had been the victim of a cyberattack on July 27th, as many of its services were starting to come back online. Its statement did not say whether it had paid a ransom in response to the attack, but noted that no customer data was accessed, lost, or stolen.”

The reason that no customer information was compromised is because Garmin paid the ransom. As we’ve discussed in the past, sometimes the ransom is cheaper than not paying the ransom. Garmin could not figure out how to decrypt the virus implanted on their servers, so after a few days they determined it was in their best interest to pay the ransom. The attackers demanded $10 million, although the actual amount paid is unknown.

Bank of America’s glitch, while the origin of the problem is not known, is a coding problem. Coding and cybersecurity should always go hand in hand. Coders who code securely ensure the safety of their company’s information. Insecure coding results in weaknesses that hackers can exploit. So even if the glitch turns out to be a typo somewhere in the code, it must be addressed. Customers are not happy with BoA right now, but they’ll be even more upset should a hacker get into their accounts.

So what can startups learn from these three companies? Don’t skimp on cybersecurity. And don’t skimp on technology and coding. Many execs in business tend to push it off until “later” or want to wait until they’ve grown. Look for the quick, cheap and sometime dirty options. Startups especially think they won’t be targeted because they are an unknown business. Or that consumers will be forgiving – they won’t.

Hacker’s tactics have changed. They now hack indiscriminately. They don’t care who you are, how big you are or what information you have. Information is their currency, so whatever information they get is money in their pockets.

It can be difficult for startups to want to implement strict cybersecurity measures because it’s an added expense. But we live in the Wild West of the internet age where laws and regulations have not yet caught up to criminals. We’re making headway, but we aren’t there yet. So even though it’s an added cost, especially if you need to hire an expert to help you, it’s a must for every business, no matter how new or how small. If you want to be in that 10% of businesses that succeed, you have to protect yourself and your customers. And this extends beyond just cybersec, if you are writing a line of code for your business and you probably are – make sure someone who is an expert is, at minimum, reviewing that code.

Twitter, Garmin and Bank of America are all big businesses with millions of dollars available. As a startup, you have to consider this question: Could your business survive a cyber-attack, or misplacing everyone’s shipment for a few days, or worse going off line for a few days, showing users the wrong account information? Most likely, the answer is no. Be proactive. Protect yourself, your business, your partners, your clients and customers. Ensuring the security of sensitive and proprietary information is essential to success.

About the Author

PWV Consultants is a boutique group of industry leaders and influencers from the digital tech, security and design industries that acts as trusted technical partners for many Fortune 500 companies, high-visibility startups, universities, defense agencies, and NGOs. Founded by 20-year software engineering veterans, who have founded or co-founder several companies. PWV experts act as a trusted advisors and mentors to numerous early stage startups, and have held the titles of software and software security executive, consultant and professor. PWV's expert consulting and advisory work spans several high impact industries in finance, media, medical tech, and defense contracting. PWV's founding experts also authored the highly influential precursor HAZL (jADE) programming language.

Contact us

Contact Us About Anything

Need Project Savers, Tech Debt Wranglers, Bleeding Edge Pushers?

Please drop us a note let us know how we can help. If you need help in a crunch make sure to mark your note as Urgent. If we can't help you solve your tech problem, we will help you find someone who can.

1350 Avenue of the Americas, New York City, NY