Southeast Asian venture capital firm AC Ventures in collaboration with PwC Indonesia, on Thursday launched a new resource for entrepreneurs – a playbook of best practices on how to approach rising cybersecurity threats in the modern private sector.
Titled “Cybersecurity Playbook for Startups,” the comprehensive guide addresses the growing need for robust cyber defense mechanisms among new ventures and scale-ups alike, particularly as such threats continue to evolve and become more advanced with the rise of generative AI (GenAI), advanced cloud tech, quantum computing, and more.
Despite the paramount importance of cybersecurity in business building, management teams often find themselves unprepared for cyber challenges, as they tend to focus primarily on core business functions over digital security. This oversight, however, can lead to catastrophic consequences.
According to recent data from PwC, a single data breach can incur costs upward of $1 million per incident, with the frequency and severity of such breaches increasing annually.
PwC identifies cloud-related threats, hack-and-leak operations, third-party breaches, attacks on connected products, and ransomware as the top five cyber threats most concerning to security executives.
Per PwC, 36 percent of companies it recently surveyed incurred costs over US$1 million as the result of a data breach, a rate up from 27 percent in 2023. This has led 49% of directors to view cybersecurity as a major oversight
challenge.
Meanwhile, advancements in GenAI and cloud technologies have heightened vulnerabilities, and 42% of executives are now also adjusting strategies to address quantum computing threats.
Subianto, Chief Digital and Technology Officer at PwC Indonesia, explained, “As data breaches continue to rise and become more costly, organizations need to pay more attention to cyber resilience and integrate cyber initiatives into their resilience strategies and initiatives. From PwC’s recent report, in Indonesia, only 27 percent routinely anticipate future cyber risks, and a mere 15 percent typically allocate their cyber budgets to address the
organization’s top risks.
“This shortfall may stem from various factors, such as a lack of strategic foresight, inadequate resources, or a reactive rather than proactive stance on cybersecurity. To bridge this gap, organizations must transition from reactive to proactive cybersecurity strategies,” he said.
The joint playbook aims to bridge a variety of knowledge gaps on the topic in the venture ecosystem, providing actionable strategies and insights gleaned from experienced tech leaders within AC Ventures’s portfolio.
It covers practical topics crucial for founders, including the understanding of common cyber threats, the establishment of core cybersecurity principles, the development of tailored cybersecurity strategies, effective incident response planning, and adherence to regulatory compliance and data protection.
The playbook emphasizes the importance of the “CIA principles” (Confidentiality, Integrity, and Availability), guiding management teams on how to safeguard their information assets more effectively.
It also includes a step-by-step guide to developing rapid and effective strategies for mitigating the impact of cyber incidents and ensuring that companies meet current and upcoming regulations to avoid legal repercussions and build trust with stakeholders.
The playbook also highlights the use of GenAI for cyber defense, a cutting-edge approach to enhancing cybersecurity measures via advanced threat detection, intelligence analysis, and adaptive controls. It discusses the potential of GenAI to significantly bolster a startup’s defenses against novel cyber threats that are now part of the digital landscape.
Pandu Sjahrir, Founding Partner of AC Ventures, said, “With great advancements in digital technologies, particularly GenAI, come increased vulnerabilities that can threaten the very core of a growing enterprise. Through this resource and others, we aim to empower companies with the knowledge to not only defend against potential cyberattacks but to build a foundational security posture that scales with their growth.”