Cybersecurity for Entrepreneurs

"Chapter 1 Cybersecurity: The Sunscreen of the Information Technology World 1 1.1. Cybersecurity: Don't Get Burned! 1 1.2. A Gap in Cybersecurity Education 3 1.3. So Why Should You Care? 4 1.4. Who Is Peter the Salesman? 4 1.5. What Will You Learn in this Book? 6 References 7 Chapter 2 Cybersecurity Advice from the Angel and the Devil 9 2.1. Peter the Salesman Meets the Angel and the Devil 9 Chapter 3 Securing Your Communications: E-mail, Web, and Phone 15 3.1. Introduction 15 3.2. ""Left of Bang"" Cybersecurity Awareness 16 Contentsviii 3.3. Communication Dos and Don'ts 18 3.4. E-mail 19 3.4.1. Limitations of E-mail Security 19 3.4.2. Secure E-mail 20 3.4.3. Phishing and Spear Phishing 21 3.5. Web Safety 21 3.5.1. Cloud Security 21 3.5.2. Web Security 22 3.5.3. Web Tracking 22 3.5.4. Bad Sites and Links 23 3.6. Phone 23 3.6.1. Recommended Phones 23 3.6.2. Secure Phones ""As Seen on TV"" 24 3.6.3. Voice, Text, and Messaging 24 3.6.4. Cars, Events, and Overseas Travel 25 3.6.5. PACE Communications 25 3.7. Post Quantum Cryptography 26 3.8. Conclusions 26 References 27 Chapter 4 Protect Your Financial Transactions Now! Cybersecurity and Finance for the Entrepreneur 31 4.1. Introduction 31 4.2. A Little Background on Data Breaches that an Entrepreneur Should Consider 32 4.3. How to Keep Your Finances Safe 34 4.3.1. Identity and Access Management (IAM) 34 4.3.2. Data Encryption 35 4.3.3. Business Continuity (Backup and Restore!) 35 Contents ix 4.4. The Cloud, Data, and Software-as-a-Service 36 4.4.1. API Security 38 4.5. Credit Card Processing Compliance and Standards 39 4.6. Conclusions 41 References 41 Chapter 5 Who Needs a VPN? 43 5.1. Introduction 43 5.2. What Is a VPN? 43 5.3. But No One Is Spying on Me 47 5.4. Do I Need to Use a VPN When Surfing the Internet? 51 5.4.1. Wow! It Is Hopeless! 52 5.4.2. Threats to VPN Traffic Are Everywhere! 52 5.5. What Features Matter Most in a Modern VPN Service? 53 5.6. It Is 2023, What VPN Fits the Bill? 54 5.7. Conclusions 55 References 57 Chapter 6 Securing Your IoT Devices 59 6.1. Introduction 59 6.2. Reduce Your Attack Surface 60 6.3. Keep Your Devices Updated 61 6.4. Cutting Out the ""Middle Man"" 63 6.5. Practice Good IoT Cyber Hygiene 66 Contentsx 6.6. Conclusions 69 Reference 70 Chapter 7 Product Security for Entrepreneurs Selling Digital Products or Services 71 7.1. Introduction 71 7.2. Flaws in Digital Products Can Be Expensive 72 7.3. Shifting Security Earlier 73 7.4. A Basic Security Approach 75 7.5. Threat Modeling 77 7.6. Testing 81 7.7. Sustainment 85 7.8. Conclusions 89 References 90 Chapter 8 Strategic Startup in the Modern Age: Cybersecurity for Entrepreneurial Leaders 93 8.1. Introduction 93 8.2. Modern Entrepreneurial Strategies 95 8.2.1. Effectuation 96 8.2.2. Design Thinking 96 8.2.3. Systems Thinking 97 8.2.4. Entrepreneurial Thinking 98 8.3. Modern Entrepreneurial Tools 99 8.3.1. Business Model Canvas 99 8.3.2. Lean Startup 100 8.3.3. Customer Development 100 Contents xi 8.4. Modern Entrepreneurial Networking 101 8.4.1. Entrepreneurial Ecosystems 101 8.4.2. Ecosystem Builders 102 8.5. Value of Entrepreneurial Strategies, Tools, and Networking in the Digital Age 103 References 105 Chapter 9 Cyber Law for Entrepreneurs 107 9.1. Introduction 107 9.2. Federal Laws, Executive Orders, and Regulations 108 9.2.1. Federal Laws and Regulations 108 9.2.2. Executive Orders 113 9.3. State Laws, Regulations, and Executive Orders 115 9.3.1. Data Breach Laws 115 9.3.2. Minimum Standard and Reasonable Data Security Measure Laws 118 9.4. European Union and International Requirements 121 9.5. Practical Considerations: How Cyber Law Can Directly Impact Your Business 123 9.5.1. General Recommendations 123 9.5.2. Cybersecurity Terms in Contracts 124 9.6. Conclusion 124 Chapter 1 0 Cyber Economics: How Much to Spend on Cybersecurity 127 10.1. Introduction 127 10.2. Value of Your Product or Service 128 Contentsxii 10.3. Cybersecurity as a Cost Center versus a Profit Center 130 10.4. How Much to Spend: Common Economic Measures of Cybersecurity Spending 132 10.4.1. Return on Investment (ROI) 132 10.4.2. Risk-Based Return on Investment for Cost Center Spending 134 10.4.3. Delayed Net Present Value and Catastrophic Cybersecurity Incidents 139 10.5. Estimating Costs, Benefits, and Other Information 144 10.6. Conclusions 145 Chapter 1 1 Cyber Insurance for Entrepreneurs 147 11.1. Introduction 147 11.2. What Is Cyber Insurance? 151 11.3. When and How Do I Buy Cyber Insurance? 152 11.3.1. When Should I Buy Cyber Insurance? 152 11.3.2. How Do I Get Cyber Insurance and Who Should I Contact? 153 11.3.3. How Do I Apply for Cyber Insurance? 153 11.4. What Are Some Controls That Would Be Important? 155 11.4.1. Network Security Vulnerabilities 155 11.4.2. Email Security 155 11.4.3. Internal Security Controls 156 11.4.4. Backup and Recovery 157 11.4.5. Phishing 158 11.5. What Are Some Important Contractual Aspects to Know about the Insurance Policy? 160 11.6. What Are Some Important Parts of the Insurance Policy to Pay Attention To? 160 Contents xiii 11.7. First- and Third-Party Insuring Agreements 162 11.7.1. First Party 162 11.7.2. Third Party 165 11.8. Conclusions 167 References 168 Disclaimer 168 Chapter 1 2 Cyber Resilience for Entrepreneurs 169 12.1. Protection versus Performance 169 12.2. Introducing Resilience 170 12.3. Holistic Approach 173 12.4. Resilience as a Cycle 175 12.5. Design Principles 178 12.6. Taking Action 180 12.7. Conclusions 182 Chapter 1 3 Cybersecurity for Entrepreneurs... and Beyond 183 13.1. So What Have We Learned in this Book? 183 13.2. Epilogue: Peter Looks toward the Future 186 About the Authors 189 About the Illustrator 205 Index 207"