editione1.0.0
Updated October 9, 2023We have been doing the cybersecurity dance for a while—Laura recently hit her 20 year career anniversary! We’ve seen a lot, and while much has changed over the years in terms of technology, many aspects of cybersecurity have stayed depressingly the same.
We see stories in the news about large companies paying exorbitant amounts of money to regulators and their customers for losing data, or companies becoming irrelevant after undergoing an attack that also took down their competitive edge. This doesn’t even cover the hundreds of organizations that are too small for air time, that have to shut their doors after a security incident.
What we have found is that the root of these problems and pain is often a lack of the same good security practices. We want to change that for all companies, not just those big enough or established enough to afford security teams and expensive tools.
Most good security practice boils down to a simple set of foundations—unique passwords populated in a password manager, two-factor authentication prompts for each login, mindfulness and limiting of sprawling data duplicated across websites and devices, automatic or prioritization of regular updates and patching, turning off of unnecessary features, and setup of safety net monitoring emails and notifications for when things fall through the cracks.
Most organizations we have worked with suffer from these same missing foundations, building their company operations and infrastructure on a bed of sand. As these companies grow, establishing security practices can become exorbitantly costly—or come too late.
It isn’t the small business owner or organization’s fault, however. With the way technology is moving and changing, it can be hard to keep up. And when faced with making decisions to keep your company—and yourself—alive and growing, keeping your digital assets and data secure doesn’t always feel like a priority.
Additionally, there is plenty of advice for large enterprises or governments that have to comply with specific regulations and control frameworks, but there’s very little for those organizations that are too small to have security budgets or tools. We couldn’t point the smaller businesses we work with to any resources that would scale to their level and needs. The little advice that was available was hard to find for people short on time and not sure where to start. Or worse—they might rely on expensive security widgets that burn money and still may not keep their most important assets protected.
Our mission at SafeStack has always been to help as many small businesses and people as possible. Rather than building a giant consultancy and working only with wealthy businesses, we wanted to share our mix of experience, understanding, technical know-how, empathy, and pragmatism with as many people as possible. We want our expertise to be accessible and our advice easy to follow. We wanted it to be clear where to start, what to focus on, and what to do. We determined that the best vehicle for this mission would be a digital book that is searchable, shareable, and accessible. We chose to publish with Holloway so we can bring you just that.