This guide includes some of my favorite resources that I believe can serve as a great starting point for founders to use and build a strong security foundation for their startups.
Please make sure you check-out Isaiah’s post and the Denver presentation above; both of these are extremely thoughtful and valuable pieces!
|Start Here||Security Planner, DIY Cybersecurity, Take-Five (financial fraud focus), APWG, SSD|
|Multi-Factor Authentication Availability||TwoFactorAuth|
|Password Manager||Quick Guide, Password Strength Test, Identify Compromised Account|
|Browser Extensions||Privacy Badger, HTTPS Everywhere,|
|Application Security||OWASP, Checklist/EBooks, Secure Coding Course, DIY Hack|
|Sensitive Info Sharing||Wire, Wire’s Audit, Signal, Signal’s Audit|
|System Encryption||PC, MAC: Src1, Src2 Portal Media: Src1, Src2|
|OS Update||PC, MAC|
|Separate Work & Personal on a Budget||VirtualBox, VMWare Player, Workstation Pro, MAC Fusion, Trial Virtual Machines, Live OS|
|The principle of Least Privilege||Windows 10, Windows 7, MAC OS|
|Backup Everything||PC, MAC|
|Who’s Watching||Privacy Screens, Webcam Covers|
|Prevent Accidental Data Exchange||SyncStop|
|Report Abuse / Take Down Request||AWS, Azure, Google Cloud, Salesforce, Cloudflare|
|Check/Request Domain Category||Google, Windows Defender, Norton, Symantec, McAfee, Palo Alto, Web of Trust|
|Internet Crime Complaint Center||IC3|
|Public Security Page||Security Page|
|Security Education/Awareness||Stop.Think.Connect, Interactive Game, Safe Online,|
|Sector-based Information Sharing and Analysis Centers||ISACs|
|Cyber Readiness Index by Country||CRI|
Report Google: to report an incorrect marked page as phishing to Google: https://safebrowsing.google.com/safebrowsing/report_error/?hl=en
If you found this helpful please let me know by sending me your comment and feedback below!
I plan to keep this a live list so if you know of a resource that is not already listed but will benefit others, feel free to share and I will make sure to include it!
Also, as you may know, Phishing remains as the most common tactic used by attackers to compromise both companies and individuals.
“Three out of ten people will open a phishing email while one of those will proceed to click on the link, possible infecting not only their own computer but the whole firm”. – Ref.
As part of this post, I am offering a practical, hands-on training on how you can triage and respond to Phishing attacks to protect yourself, your employees and ultimately your company.
Complete the form below and let me know if you would like to learn more!