TY - JOUR T1 - Information Security Best Practices: First Steps for Startups and SMEs JF - Technology Innovation Management Review Y1 - 2018 A1 - Urpo Kaila A1 - Linus Nyman KW - best practices KW - cybersecurity KW - information security KW - risk management KW - SMEs KW - startups AB - This article identifies important first steps toward understanding and implementing information security. From the broad selection of existing best practices, we introduce a lightweight yet comprehensive security framework with four useful first steps: identifying assets and risks; protecting accounts, systems, clouds, and data; implementing a continuity plan; and monitoring and reviewing. This article is intended primarily for startups and less mature companies, but it is likely to be of interest to any reader seeking an introduction to basic information security concepts and principles as well as their implementation. PB - Talent First Network CY - Ottawa VL - 8 UR - https://timreview.ca/article/1198 IS - 11 U1 - Finnish IT Center for Science (CSC) Urpo Kaila is the Head of Security for CSC – the Finnish IT Center for Science. His background in the information security industry, with long experience in handling security incidents as well as developing solutions for information security and data protection. He has been responsible to achieve the valued ISO/IEC 27001 information security management certification for CSC and is a steering committee member in security groups for some European Research Infrastructures, such as WISE and GÉANT SIG-ISM. Urpo holds the professional international information security certificates CISSP, GCIH, GCED, CISM, and ISO 27001 Lead Auditor. He also holds a Master’s degree from the Hanken School of Economics. His research focuses on best practices in information security and data protection. U2 - Hanken School of Economics Linus Nyman is an Assistant Professor at the Hanken School of Economics in Helsinki, Finland, and an Adjunct Research Professor in the Technology Innovation Management (TIM) program at Carleton University in Ottawa, Canada. He has lectured on a range of topics, including information security and privacy, information systems science, corporate strategy, and open source software development. His current research focuses on information security and privacy, which are topics he also covers in a blog for the Finnish daily newspaper HBL. Linus holds a PhD and a Master’s degree, both from the Hanken School of Economics. ER -