CHENNAI/BENGALURU: By the end of 2012, Sanjiv Singhal and his two co-founders had everything in place to launch their mutual funds startup Scripbox, but decided to hold off for a month until they were sure they were safe from every kind of cyber attack. Getting a penetration test — hiring an external agency to hack into the system to identify vulnerabilities — took a month longer but they preferred to wait rather than run the risk of exposing future customers’ da
“Being a financial services company, we had to make sure that we had a comprehensive policy on cybersecurity. Security is not something you can do post-facto. It has to be included when you are starting a business,” says Singhal.
Not all startups, however, pay as much attention to security. A recent survey by cybersecurity startup FireCompass found that cybersecurity preparedness is abysmal among most Indian startups. Small companies scored eight out of a total of 100 for security
maturity, and fintech startups are among the worst prepared. The survey also found that banks and telecom companies are better placed to handle cyber attacks, with a score of 61 each. Another study found that two thirds of small UK businesses were attacked by hackers in the past two years. India has no such data on the number or extent of attacks.