Blockchain
Cannabis
Cryptocurrency
Influencers
Micromobility
On-Demand & Shared Economy
On-Demand Delivery
Robotics
SPACs
Web3
AI
E-Commerce
Education Technology
Esports
Fintech
MSPs
SaaS
Startups
Technology
Life Science Risk Management
Biotech
Dietary Supplement & Nutraceutical
FamTech & BabyTech
HealthTech
Pharmaceutical
Virtual Care, TeleHealth, & Telemedicine
Financial Services
Professional Services
Media & Advertising
info@foundershield.com 
114 E 25th St, New York, NY 10010 
646.854.1058 
Carl Niedbala
Managing Partner; COO & Co-Founder
Key Takeaways
Managing Partner; COO & Co-Founder
With potentially 70 million effected by the recent Target data breach, the US government thinks it’s time to talk about the elephant in the room for the tech world: Cybersecurity protocol.
Earlier this week, the government released the new US cybersecurity “framework”, the creation of which was mandate by president Obama through an executive order earlier this year. The framework was drafted by the National Institute of Standards and Technology.
You can access the document here if you’re really curious. If you’re reading this blog, however, it’s likely not worth your time…for now, that is. Why? The new framework mainly deals with technology companies working on a massive industrial scale, such as energy, financial services, communications companies…basically the 16 sectors the government has identified as critical to our infrastructure. This makes sense when looking at the tech world from a government viewpoint in a post-9/11 world.
While it’s clear that the government is taking a top-down approach at tackling these issues, the startup world won’t be far behind. Silicon Valley, though falling outside of that “critical infrastructure” zone, clearly plays a vital role in the economy of the country. Even if this document was targeted at the startup world, I still wouldn’t suggest taking a read. It was highly conceptual and lacking any clear path to action items…not really an enjoyable read for startup folks!
So what does the new cybersecurity document matter for startups? As the document gets expanded and implemented, deliverable goals will likely start to fall into place. Typically, documents like this will be met with some confusion at first, and as they wind their way through the court system after every related dispute, more and more clarity will begin to appear. It may take a while, but we will probably reach a point where more concrete standards with visible and attainable checkpoints and goals fall into place for the greater tech world.
Given the US cybersecurity framework’s origins (and lack of Congressional input), this new framework doesn’t really have the full effect of a law right now. That’s why the administration is figuring out what sort of incentives it can craft to get the targeted industries on board with the developing standards. One idea being thrown around involves perks related to obtaining cyber liability insurance. This is still very tentative, but we may see a time where cyber liability insurance becomes the norm rather than a nice add-on. We’re already seeing more and more legal documents (client/vendor contracts, etc) here at Founder Shield requiring this coverage, so it’s safe to say that this idea is certainly trending in the private sector.
Founders can put this on the back burner for now, but don’t be surprised if this comes back around in the near future. It will be interesting to see how this framework evolves and expands in the near future.
