Cybersecurity for Entrepreneurs

Chapter 1
Cybersecurity: The Sunscreen of the
Information Technology World 1
1.1. Cybersecurity: Don't Get Burned! 1
1.2. A Gap in Cybersecurity Education 3
1.3. So Why Should You Care? 4
1.4. Who Is Peter the Salesman? 4
1.5. What Will You Learn in this Book? 6
References 7
Chapter 2
Cybersecurity Advice from the
Angel and the Devil 9
2.1. Peter the Salesman Meets the Angel and
the Devil 9
Chapter 3
Securing Your Communications: E-mail,
Web, and Phone 15
3.1. Introduction 15
3.2. "Left of Bang" Cybersecurity Awareness 16
Contentsviii
3.3. Communication Dos and Don'ts 18
3.4. E-mail 19
3.4.1. Limitations of E-mail Security 19
3.4.2. Secure E-mail 20
3.4.3. Phishing and Spear Phishing 21
3.5. Web Safety 21
3.5.1. Cloud Security 21
3.5.2. Web Security 22
3.5.3. Web Tracking 22
3.5.4. Bad Sites and Links 23
3.6. Phone 23
3.6.1. Recommended Phones 23
3.6.2. Secure Phones "As Seen on TV" 24
3.6.3. Voice, Text, and Messaging 24
3.6.4. Cars, Events, and Overseas Travel 25
3.6.5. PACE Communications 25
3.7. Post Quantum Cryptography 26
3.8. Conclusions 26
References 27
Chapter 4
Protect Your Financial Transactions
Now! Cybersecurity and Finance for
the Entrepreneur 31
4.1. Introduction 31
4.2. A Little Background on Data Breaches that
an Entrepreneur Should Consider 32
4.3. How to Keep Your Finances Safe 34
4.3.1. Identity and Access Management (IAM) 34
4.3.2. Data Encryption 35
4.3.3. Business Continuity (Backup and Restore!) 35
Contents ix
4.4. The Cloud, Data, and Software-as-a-Service 36
4.4.1. API Security 38
4.5. Credit Card Processing Compliance and
Standards 39
4.6. Conclusions 41
References 41
Chapter 5
Who Needs a VPN? 43
5.1. Introduction 43
5.2. What Is a VPN? 43
5.3. But No One Is Spying on Me 47
5.4. Do I Need to Use a VPN When Surfing the
Internet? 51
5.4.1. Wow! It Is Hopeless! 52
5.4.2. Threats to VPN Traffic Are Everywhere! 52
5.5. What Features Matter Most in a Modern
VPN Service? 53
5.6. It Is 2023, What VPN Fits the Bill? 54
5.7. Conclusions 55
References 57
Chapter 6
Securing Your IoT Devices 59
6.1. Introduction 59
6.2. Reduce Your Attack Surface 60
6.3. Keep Your Devices Updated 61
6.4. Cutting Out the "Middle Man" 63
6.5. Practice Good IoT Cyber Hygiene 66
Contentsx
6.6. Conclusions 69
Reference 70
Chapter 7
Product Security for Entrepreneurs
Selling Digital Products or Services 71
7.1. Introduction 71
7.2. Flaws in Digital Products Can Be Expensive 72
7.3. Shifting Security Earlier 73
7.4. A Basic Security Approach 75
7.5. Threat Modeling 77
7.6. Testing 81
7.7. Sustainment 85
7.8. Conclusions 89
References 90
Chapter 8
Strategic Startup in the Modern Age:
Cybersecurity for Entrepreneurial
Leaders 93
8.1. Introduction 93
8.2. Modern Entrepreneurial Strategies 95
8.2.1. Effectuation 96
8.2.2. Design Thinking 96
8.2.3. Systems Thinking 97
8.2.4. Entrepreneurial Thinking 98
8.3. Modern Entrepreneurial Tools 99
8.3.1. Business Model Canvas 99
8.3.2. Lean Startup 100
8.3.3. Customer Development 100
Contents xi
8.4. Modern Entrepreneurial Networking 101
8.4.1. Entrepreneurial Ecosystems 101
8.4.2. Ecosystem Builders 102
8.5. Value of Entrepreneurial Strategies, Tools,
and Networking in the Digital Age 103
References 105
Chapter 9
Cyber Law for Entrepreneurs 107
9.1. Introduction 107
9.2. Federal Laws, Executive Orders, and
Regulations 108
9.2.1. Federal Laws and Regulations 108
9.2.2. Executive Orders 113
9.3. State Laws, Regulations, and Executive Orders 115
9.3.1. Data Breach Laws 115
9.3.2. Minimum Standard and Reasonable Data
Security Measure Laws 118
9.4. European Union and International
Requirements 121
9.5. Practical Considerations: How Cyber Law
Can Directly Impact Your Business 123
9.5.1. General Recommendations 123
9.5.2. Cybersecurity Terms in Contracts 124
9.6. Conclusion 124
Chapter 1 0
Cyber Economics: How Much
to Spend on Cybersecurity 127
10.1. Introduction 127
10.2. Value of Your Product or Service 128
Contentsxii
10.3. Cybersecurity as a Cost Center versus a
Profit Center 130
10.4. How Much to Spend: Common Economic
Measures of Cybersecurity Spending 132
10.4.1. Return on Investment (ROI) 132
10.4.2. Risk-Based Return on Investment for
Cost Center Spending 134
10.4.3. Delayed Net Present Value and
Catastrophic Cybersecurity Incidents 139
10.5. Estimating Costs, Benefits, and Other
Information 144
10.6. Conclusions 145
Chapter 1 1
Cyber Insurance for Entrepreneurs 147
11.1. Introduction 147
11.2. What Is Cyber Insurance? 151
11.3. When and How Do I Buy Cyber Insurance? 152
11.3.1. When Should I Buy Cyber Insurance? 152
11.3.2. How Do I Get Cyber Insurance and Who
Should I Contact? 153
11.3.3. How Do I Apply for Cyber Insurance? 153
11.4. What Are Some Controls That Would
Be Important? 155
11.4.1. Network Security Vulnerabilities 155
11.4.2. Email Security 155
11.4.3. Internal Security Controls 156
11.4.4. Backup and Recovery 157
11.4.5. Phishing 158
11.5. What Are Some Important Contractual
Aspects to Know about the Insurance Policy? 160
11.6. What Are Some Important Parts of the
Insurance Policy to Pay Attention To? 160
Contents xiii
11.7. First- and Third-Party Insuring Agreements 162
11.7.1. First Party 162
11.7.2. Third Party 165
11.8. Conclusions 167
References 168
Disclaimer 168
Chapter 1 2
Cyber Resilience for Entrepreneurs 169
12.1. Protection versus Performance 169
12.2. Introducing Resilience 170
12.3. Holistic Approach 173
12.4. Resilience as a Cycle 175
12.5. Design Principles 178
12.6. Taking Action 180
12.7. Conclusions 182
Chapter 1 3
Cybersecurity for Entrepreneurs... and
Beyond 183
13.1. So What Have We Learned in this Book? 183
13.2. Epilogue: Peter Looks toward the Future 186
About the Authors 189
About the Illustrator 205
Index 207