Startups often work in a way where security can quickly be forgotten or get in the way. GrowSecure aims to offer affordable cyber security solutions that work with companies, support culture and help startups fold security tightly into their road map to success

What is GrowSecure – what problem are you solving? 

GrowSecure was born with a single principle in mind – to provide exceptional, on-demand security services for demanding, high-growth businesses. Real-world experience across both large corporate and startup environments exposed gaps in both approaches – and our team bring a wealth of experience in how best to analyse, recommend and deliver security policy for startups and scale-ups.

In starting, we took it back to basics, and designed a model specifically to deliver cost-effective, measurable security improvements, based on combining large corporate experience with startup agility. Building a close, strategic partnership, we help you fold security tightly into your roadmap to success and help to continually iterate on and improve your security posture. We’re focused on delivering a position as a trusted advisor and hands-on team member, at a cost bracket that is realistic.

What does that mean ‘Cyber security for startups’? How are security concerns and prevention different for startups?

Startups really are more unique when it comes to cyber security. They often process huge amount of customer data or other sensitive data such as financial information or personal data given their size. At the same time, they operate in a very agile way with small teams at incredible pace. This means that often there is no money budgeted for security. Secondly, startups work in a way where security can quickly be forgotten or get in the way.

So, the key is to look at the culture of a given startup, how the teams work together and weave security into their everyday approach. Bringing a traditional big corporate approach will break the company. At the same time whilst they are often small companies, they have a lot of media coverage and can attract various types of cyber criminals. The emphasis must be placed on creating a positive security culture, really educating users and then tackling the basics.

Why do so many startups place security concerns at such a low priority?

Security can often be seen as a blocker. However, this is absolutely not the case. Security can really help a company build trust and transparency, help optimise costs and help organisations collaborate better. The other issue is that if you are pre profitability, or pre-market launch, the priorities tend to focus on product development and market growth i.e. sales and marketing. That leaves very little budget for security which can sometimes seem quite a big investment. This is why GrowSecure offers realistic and affordable pricing.

What advice would you give new startups in this space?

My advice is to focus on three key areas:

• Risk
• Technical Security
• Working Practices

Have a basic risk management process and governance framework. At least think about your main risks and document them. That way you are halfway to managing the key risks. When thinking about technical security:

• Assign security champions in each team that take responsibility for security, especially in dev and engineering teams.
• Patch vulnerabilities, at the very minimum for external facing assets.
• Test for common security vulnerabilities before deploying to production, the OWASP (Open Web Application Security Project) is a great source of information.
• Lastly, look at the way you work as an organisation – train and trust your employees.

Be proactive in managing security risks and create a positive culture. This also means looking how you work together and how you work with tools and software. Should you be using the software the way you do? Should you be sending personal data over certain channels?

We have an array of craft beers and independent music at FinTECHTalents – Give us a great song to listen to AND tell us your favourite tipple .

My absolute favourite song of all time is Yellow Ledbetter by Pearl Jam. Everyone should hear this song at least once in their life. When it comes to beer, I really like a good German beer. A great one is a Hefe-Weizen, which is a German wheat beer. Extra tip, if you have a sweet tooth this can be really refreshing in the summer with a shot of banana syrup – Bananen-Weizen!