CyberCube, a cyber analytics provider, has completed its Service Organisation Control 2 Type II (SOC 2® Type II) audit report. The report is based on an examination of CyberCube’s internal controls and procedures. CyberCube is committed to exceeding critical compliance standards for its customers. A SOC 2 Type II report assures its clients that the company meets the suitability of design and operating effectiveness of applicable controls. Information security policies SOC 2 Type II is a certification that is only issued by an accredited third-party auditor after conducting an examination in accordance with attestation standards established by the American Institute of Certified Public Accountants (AICPA). These standards ensure that CyberCube follows strict information security policies and procedures encompassing the security, availability, processing, integrity, and confidentiality of customer data. Peter Quinby, CyberCube’s Business Operations Manager said: "Meeting the highest standards for security, availability, and confidentiality are all critical to the services we provide to our clients. Ensuring the security of our users is a CyberCube priority, and we are constantly assessing how we can make our solutions even more secure.” Ajay Garg, CyberCube’s Vice President of Engineering, added: “SOC 2 Type II certification is a great milestone for CyberCube as it shows the maturity of our organisational controls, processes, and security. This certification validates our promise of keeping our clients’ data protected.”
While cybersecurity may not seem the most urgent priority for entrepreneurs and their start-up business ventures, increasing the emphasis placed on cybersecurity reaps rewards as the business matures. This is the key message from cyber risk analytics expert CyberCube in its contribution to a new World Economic Forum report published. The report Incentivising Responsible and Secure Innovation: A Framework for Investors and Entrepreneurs focuses on incentivising secure and responsible innovation during this period of rapid technological change and high consumer demand for internet-connected products. According to the report, “digital technologies are introducing new vulnerabilities faster than they can be secured and the prospect of curbing cyberattacks diminishes with each additional unsecured technology”. Strong cybersecurity cultures missing In its submission to the World Economic Forum, CyberCube noted that many start-ups are hindered from developing strong cybersecurity cultures because of the competing pressures of product development and rapid workforce expansion. To counter this, cybersecurity needs to be prioritised and embedded in the business from the get-go. Ajay Garg, CyberCube’s Head of Engineering, said: “Security belongs to everyone in an organisation, not just the security team. Everyone handles data and uses passwords so they all have a part to play. Even in their earliest stages, businesses increasingly need to establish a security culture and reinforce it through small, attainable goals.” Other useful techniques identified by CyberCube for instilling a security mindset include managers leading by example; thinking creatively to make the topic engaging for staff and focusing on raising employee awareness of the issues. Cyber essentials framework Pascal Millaire, CyberCube’s CEO said: “Too often, cybersecurity is viewed only as an information technology issue for which only IT professionals are responsible. The cyber essentials framework promoted by the World Economic Forum reframes cybersecurity into a strategic business challenge transcending across organisational, product and governance issues for all entrepreneurs, innovators and their investors.” Pascal Millaire attended Davos in January 2020 as part of CyberCube’s position as a World Economic Forum Technology Pioneer. The World Economic Forum’s report Incentivising Responsible and Secure Innovation: A Framework for Investors and Entrepreneurs is available from the Forum’s website.