{"id":4666,"date":"2016-11-07T08:53:05","date_gmt":"2016-11-07T08:53:05","guid":{"rendered":"http:\/\/www.onomi.co.uk\/?p=4666"},"modified":"2018-08-21T11:17:53","modified_gmt":"2018-08-21T10:17:53","slug":"start-ups-embrace-iso-27001","status":"publish","type":"post","link":"http:\/\/content.n4stack.io\/2016\/11\/07\/start-ups-embrace-iso-27001\/","title":{"rendered":"Why Start Ups should embrace ISO 27001:2013"},"content":{"rendered":"
[et_pb_section bb_built=”1″ admin_label=”section” transparent_background=”off” allow_player_pause=”off” inner_shadow=”off” parallax=”off” parallax_method=”on” padding_mobile=”off” make_fullwidth=”off” use_custom_width=”off” width_unit=”off” custom_width_px=”1080px” custom_width_percent=”80%” make_equal=”off” use_custom_gutter=”off” fullwidth=”off” specialty=”off” disabled=”off” custom_padding_tablet=”50px|0|50px|0″ custom_padding_last_edited=”on|desktop” prev_background_color=”#000000″ next_background_color=”#000000″][et_pb_row admin_label=”row” make_fullwidth=”off” use_custom_width=”off” width_unit=”off” custom_width_px=”1080px” custom_width_percent=”80%” use_custom_gutter=”off” gutter_width=”3″ padding_mobile=”off” allow_player_pause=”off” parallax=”off” parallax_method=”on” make_equal=”off” column_padding_mobile=”on” parallax_1=”off” parallax_method_1=”on” parallax_2=”off” parallax_method_2=”on” parallax_3=”off” parallax_method_3=”on” parallax_4=”off” parallax_method_4=”on” disabled=”off” background_position=”top_left” background_repeat=”repeat” background_size=”initial”][et_pb_column type=”4_4″][et_pb_text use_border_color=”off” disabled=”off” background_position=”top_left” background_repeat=”repeat” background_size=”initial” _builder_version=”3.8″]<\/p>\n
Part of the fun of\u00a0launching a start-up is the release from corporate red tape, throwing away the shackles of internal politics, pointless meetings and soul sapping processes. When you sit down dreaming of the launch and pull together the business plan, the focus is on the MVP, customers and cash flow, not what many perceive as a bloated security management system.<\/p>\n
Having read numerous start-up books the general wisdom to launching and accelerating growth seems to be starting with a lean iterative model. Then working through several transition stages where you need to \u201ccross the chasm\u201d by looking for funding and growing in your maturity, especially when you are looking to scale up the business. Not one book I\u2019ve read states you should start working with an ISO 27001 Management system, however, we did at N4Stack and I\u2019m here to make the case.<\/p>\n
Firstly it\u2019s not for everyone, ask yourself the question if it’s on your wish list for the next 5 years, are you having internal conversations such as\u2026 in order to deal with larger clients, will the lack of ISO 27001 slow us down?<\/p>\n
Here are my top 3 reasons start-ups should embrace ISO 27001:<\/p>\n
1. It accelerates your growth:<\/strong> Why? think about how a start-up matures and what your end goal looks like. Part of \u201ccrossing the chasm\u201d is by your own making. If you start with an organisation that lacks a level of governance from day one, your company drifts unless you pull it back. After your first year, you\u2019ll have customers, proved the model and you then need to mature operationally and scale up. At some point you will hit a wall whereby customers or investors want evidence of your governance or you will hit a major issue that may cause damage. By using ISO 27001 and I mean really embracing it from the start really lowers the height of the walls you will inevitably hit.<\/p>\n For example if you look at the Greiner Growth Curve it warns of a number of crisis or common growing pains for a business.<\/p>\n <\/p>\n If you embrace ISO 27001 in the first phase and build the ISMS in a way that the founders are heavily involved with a focus on lean, automated process you will end up with a more aligned and slicker implementation. As the business grows this hard work at the start will provide a future proofed approach. If you don\u2019t man (or lady) up until a customer is holding an ISO 27001 gun to your head you are more likely as a business owner to delegate to a hire that struggles to engage the company and aggressively tailor it to your organisation. It\u2019s so much harder to retro fit processes at a later date than make them incumbent from the start.<\/p>\n 2. It helps you to run your business: <\/strong>ISO 27001 isn\u2019t about technical security, it\u2019s about looking at the risks to your business (good and bad) and pushing for continual improvement. The risk of being undermined by a competitor, the risk of not investing in a new product feature, or not adapting to changing economic conditions, surely as a business owner these are the things you should be looking at. A good system provides the structure which you then tailor to your business.<\/p>\n 3. I<\/strong>t\u2019s a great customer selling point and differentiator: <\/strong>No customer is going to prefer dealing with a less secure organisation. \u201cSorry Bob, I appreciate you are selling the exact same service as your competitor, the good news is as you are less secure I would like to buy from you!\u201d\u2026. <\/em>ummm doesn\u2019t happen. <\/em>Having a well implemented ISMS will not only improve your organisation but it will build a strong level of trust with the customer. The other fabulous news when you are competing with bigger competitors is that start-ups can be a lot more secure than larger organisations. Why \u2013 well it\u2019s a numbers game, you have less staff, less systems and as such your threat surface exposure is typically lower. If you think about a company of 10,000 staff any internal\/ external audits or CMA\u2019s barely scratch the surface. When we do an audit we check every system, building, process and staff member\u2019s compliance\u2026 try doing that with 10,000 staff across 40 offices!<\/p>\n So what are you waiting for? If you run a business then get started today, the longer you leave it, the harder it will be to retro fit into your company.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":" Why Start-Ups should embrace ISO 27001 Part of the fun of\u00a0launching a start-up is the release from corporate red tape, throwing away the shackles of internal politics, pointless meetings and soul sapping processes. When you sit down dreaming of the launch and pull together the business plan, the focus is on the MVP, customers and […]<\/p>\n","protected":false},"author":1,"featured_media":52840,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"Why Start Ups should embrace ISO 27001<\/strong>\r\n\r\nWhen you launch a start-up, part of the fun is the release from corporate red tape, throwing away the shackles of internal politics, pointless meetings and soul sapping processes. When you sit down dreaming of the launch, pulling together the business plan, the focus is on MVP, customers and cash flow, not what you may perceive as a bloated security management system.\r\n\r\nHaving read numerous start-up books, the general wisdom to launching and growth seems to be starting with a lean iterative model. Then working through several transition stages where you need to \u201ccross the chasm\u201d by looking for funding and growing in your maturity, especially when you are looking to scale up the business. Not one book I\u2019ve read states you should start working with an ISO 27001 Management system, however, we did and I\u2019m here to make the case.\r\n\r\nFirstly it\u2019s not for everyone, ask yourself the question if it\u2019s on your wish list for the next 5 years, are you having internal conversations such as\u2026 in order deal with larger clients not having ISO 27001 will slow us down.\r\n\r\nHere are my top 3 reasons start-ups should embrace ISO 27001:\r\n\r\n \t
\r\n \t
\r\n \t