Most common security pitfalls by Mikko Hypponen (Chief Research Officer of F-Secure):
Today, all companies are software companies — and this definitely applies to startups, too. Practically every startup ends up writing code, even if technology isn't the main focus of their company.
Here's a ten-part checklist to help you and your hot new startup avoid the most common security pitfalls:
3. Trust the cloud.
Most startups today choose to go for cloud services such as AWS, Azure and GCE anyway, which is also good for your security. Amazon, Microsoft and Google are investing hundreds of millions of dollars into their security. This means that breaking into the servers that run the largest cloud providers is hard.
6. Get a Mac.
When I walk around in startup events, everybody seems to be rocking a MacBook. Macs are great for security, but probably not for the reason most people think. OS X is actually less secure than Windows 10 in many ways. However, as Mac market share hovers only around 10% and most organized cybercrime gangs have existing expertise in Windows, criminals keep focusing on Windows. This is why we see much fewer attacks on Mac. Do note that Mac users fall for phishing just as easily as Windows users — and iPhone and Android users fall even better, as there are fewer safeguards on them, and detecting a fraudulent lookalike URL is harder on a smaller screen.