We want to design S4S to be a useful tool for a wide variety of users. This page is divided into two main sections:
- Short and anonymous survey that will allow us to better understand our audience as we keep optimizing our content
- Risk profile questions and considerations that guide security professionals when engaging in a risk assessment process for a new startup
Environment Assessment
Indicate as accurately as possible your level of agreement with each statement by responding on a scale from 1-5, where 1 means “Strongly disagree” and 5 means “Strongly agree.” Your answers will be anonymous, and you should feel free to answer honestly.
1 | 2 | 3 | 4 | 5 | |
---|---|---|---|---|---|
Strongly disagree | Disagree | Neither agree nor disagree | Agree | Strongly agree | |
I have a good grasp of information security threats against my business. | |||||
Information security is critical to my corporate operations. | |||||
Information security is critical to my product(s) and/or service(s). | |||||
My company allocates appropriate funds towards information security. | |||||
My company allocates appropriate time towards information security. | |||||
My customers use information security as a key factor when evaluating whether to do business. | |||||
I have a good grasp of information security threats against my customers. | |||||
I am confident I can meet my customers' security expectations and commitments. | |||||
My company will be adversely impacted by a security breach or by public awareness to it. |
The following security topics are important to my business: (Please drag and drop the options to the menu on the right, with the first being of greatest relevance and the last being of least relevance)
Identity and Access Management
Infrastructure security
Application security
Resiliency
Governance
Risk profile
QUESTIONS
WHY DOES IT MATTER?
Do you sell products/services to business customers (B2B)?
Selling to businesses (whether small, medium or large) entails different security requirements than selling to consumers and such differences can be significant. Although in later stages, security and compliance could eventually converge for organizations across different business models, there is typically high variance in the early stages. As such, security and compliance concerns and approaches at startups will vary based on the customer base.