DATA BREACHES ARE A FACT of life and regardless of size, all organizations are now a target. Data breaches come in many shapes and sizes. We won't specifically define a breach in this book because the term should actually be defined in your terms and conditions. There are many nuances to the terms breach, incident, event, and the like. For clarity, and to avoid pretending to be a lawyer, we'll define a breach as the unauthorized release of proprietary company information to the public Internet.

It doesn't matter if it was an employee or outside attacker, as we said it was unauthorized. It also doesn't matter what information, since we've said it was proprietary.

Looking at statistics you will most likely be affected by a breach at some point in your start-up's life cycle.¹ The odds increase as you move toward and then past the growth phase. The best way to prepare for and be antifragile is to take very specific and measured steps. Everything we have discussed up to this point will help to make your start-up capable of withstanding the impact of a breach, but there are additional measures to take.

CYBER INSURANCE

Cyber insurance is possibly the single easiest risk transference control you can put in place for your start-up. Nearly every major insurance carrier offers this type of insurance, and if you've selected ...