According to Maslow’s Hierarchy of Needs, one of the most foundational needs everyone takes priority to satisfy is safety, and that idea is prevalent in almost everything we do. From the cars we drive, the planes we ride, and the actions we take, safety is one of our first concerns, yet whenever we boot up a computer or click on a website, safety isn’t in our minds. Sure, we might take simple steps to make our web-surfing experience more secure by downloading security software, using two-step verification, or attaching a sticky note onto our front-facing cameras; however, is that enough? According to Rohit Sethi, CEO of Security Compass, that’s not enough, and surprisingly, a lot of software-related companies aren’t taking necessary steps to protect themselves from cyber attacks.
One of the major reasons why companies aren’t building software with cybersecurity in mind is cost. Cybersecurity is a cost center—it doesn’t bring in any revenue—and for most startups, that’s a major problem. Cybersecurity is an investment that requires time and money upfront—things most startups struggle to have, but building software without any security risks can greatly reduce risk and save time making patches in the future. For example, spending the extra time and money upfront is much cheaper and time efficient if the software is locked down by ransomware.
Another reason is that cybersecurity is still an evolving industry. Cybersecurity wasn’t a topic most companies and politicians discussed until the recent SolarWinds hack in 2020 and the Colonial Pipeline breach in 2021. While the Federal Government has provided a lengthy document that provides companies a basic standard to follow, the items are generalized and can be complicated for readers.
So, if cybersecurity is necessary for every company but is expensive, time consuming, and evolving, how are companies expected to keep up? Enter Security Compass, a Toronto, Canada-based cybersecurity company that helps companies build software that manages cybersecurity risk while also not slowing the company down.