IN THIS CHAPTER

Recognizing the differences between large enterprise information security and small business information security

Understanding the CISO role

Exploring the regulations and standards that impact large enterprises

Many of the information security challenges facing large enterprises and small business are the same. In fact, over the past decade, cloud-based offerings have brought to small businesses many well-protected systems with enterprise-class technologies, reducing some of the historical differences between the firms of different sizes as far as the architecture of some systems is concerned.

Of course, many security risks scale with enterprise size, but don’t qualitatively differ based on the number of employees, partners, and customers that a business has or the size of its information technology budget.

At the same time, however, bigger companies often face significant additional complications — sometimes involving orders of magnitude more complexity than the cybersecurity challenges facing small businesses. A large number of diverse systems, often spread across geographies, with custom code and so on, often make ...