Kariya Event Report 67: Investing in data security is business insurance.

These days, when the distance of hacking of various institutions and companies in Iran has decreased, data security has become one of the main problems of businesses.

In the 67th Karaya event, a specialized panel focused on data security in startups and with the presence of Sohrab Behroozian, Chief Infrastructure and Security Manager of DigiKala Group, Mojtaba Maddkhani, Informatics Manager of Helo Information Technology Company, Roya Dehbasteh, CEO of Ba Gedasht Security Services Platform and Saber Ghafari Moghadam, the official expert of the Judiciary, was held.

Data security is similar to business insurance

Referring to the hacking news of Snap Food, Topsy, Civil Registration Organization and the Ministry of Science and Foreign Affairs and the leakage of users' information, Maddkhwani explained: “All these cases show us that investors should focus on the allocation of funds only on infrastructure and Take marketing and consider a part for security. Investing in security, contrary to popular belief, which is considered a cost, is actually business insurance.

Ghafari Moghadam considered data security as a product of thought and effort and continued: “Unfortunately, because the product-oriented view is not on security and it is one of the last priorities of small and big businesses, they always realize its importance after hacking, and unfortunately, the number of “Many startups paid a heavy price for not taking security seriously and failed.”

In addition, Behroozian stated that according to the nature of business, data security can be considered as both a cost and an income and said: “Security services and products are expensive, and the more security is for us, the more secure we are, we are moving in the direction of various solutions. We should have it for security, and if we neglect it, it will definitely be counted as an expense.”

Data security requires a system that changes the entire organization.

Confirming Behrouzian's words, Dehbaste considered data security as a system in which changes lead to changes in the entire system and explained: “If we look at traditional security, it is completely a cost, but in a systemic approach, if the security unit leads to an increase in profitability It is not effective for business.”

And he advised startups to pay special attention to security, because they become easy targets for hackers by having user information and not taking its importance seriously, who can easily access bank websites by using that information. and access to different organizations.

Ghaffari expressed regret about the legal and legislative situation in the field of cyber security in Iran and said: “In 2008, the laws related to computer crimes were prepared and implemented in the penal department when social networks had just appeared in the country and with We did not face this extent of communication and information exchange and nothing has been added to these rules with the passage of time.

He continued: “Unfortunately, we are currently facing a severe legal vacuum, especially in the privacy sector, we have practically no law. “Recently, the draft of the debate on personal data protection has been prepared in the Digital Strategic Committee of the Parliament, but it has not yet been voted on in the Parliament.”

Regarding the development of the security team within the organization and its outsourcing, Dehbaste suggested: “In technology-oriented businesses, security is one of the fundamental and main values ​​of the organization, and issues related to it should be taken more seriously, for this reason, experts should be in it. There should be companies that can entrust this work to them, and security can be outsourced in new businesses that do not have enough funds.

Also, in this event, two startups, Ninopia, a personal development platform for children and mothers, and Rent Toys, a platform for lending entertainment equipment, presented their proposals with the aim of attracting capital.