(4 minute Read)

One of the major obstacles facing businesses today is preparedness toward cybersecurity. Despite all the increased focus on making and keeping companies cybersafe, there are numerous cybersecurity misconceptions that still exist in the business world.

“Nothing in the world is more dangerous than sincere ignorance and conscientious stupidity.” 
~ Martin Luther King Jr.  

If you or any of your employees believe any of the below myths, you could be opening your business up to unknown risks.

A strong password is enough to keep your business safe.

Two-Factor authentication & data monitoring is also needed.

Strong passwords are one of the foundations of good security practices, especially for businesses. However, implementing and enforcing strong password policies is only the beginning. In fact, one of the major components of cybersecurity preparedness that companies overlook isn’t how people access the information — its what information is available in the first place. Not only do employees need strong passwords, companies need to be more aware of who they allow to access what data.

Small & Medium sized businesses are not targeted by Hackers.

Small businesses made up over half of recent breach victims.

The proliferation of high-profile hacks in the news cycle often tricks small- and medium-sized businesses into thinking that they won’t be targets of attack. The opposite is true. In fact, according to the 2020 Verizon Data Breach Investigations Report, 28 percent of data breach victims are small businesses. Other interesting facts from this report; 72% of breaches involved large business victims, 58% of victims had personal data compromised.

Only certain industries are vulnerable to cyber attacks.

Any business with sensitive data is vulnerable to an attack.

Some businesses wrongly assume that they won’t be attacked because of the industry they’re in. This myth also goes together with the belief that some companies don’t have anything “worth” stealing. The reality is that any sensitive data, from credit card numbers to addresses and personal information, can make a business a target.

Anti-virus and anti-malware software keeps you completely safe.

Software alone can’t protect against all cyber risks.

Anti-virus software is certainly an important part of keeping your business safe — but it won’t protect you from everything. Software is just the beginning of a comprehensive IT security plan.

Cybersecurity threats come from the inside.

70% of breaches this year were caused by outside attacks.

Within 2020, there has been a notable change with regards to who is more likely to attack your business, in previous years, data showed that attacks would be more likely to come from the inside. Insider threats accounted for more than 75% of data breaches, this has reduced to 30% in 2020. Current statistics show that 70% of attacks were from external actors & 55% were by organized criminal groups.

Cybersecurity is the IT department’s responsibility.

Cybersecurity is the responsibility of all employees.

Yes, your IT department has a lot of responsibility when it comes to implementing, risk mitigation and reviewing policies to keep your business safe, but each and every employee and member of your business is responsible for keeping your business safe, not just your IT department. 49% of malware is installed via email. Your employees need to be trained and up to date with cybersecurity best practices.

If wi-fi has a password, it’s safe.

Any public wi-fi can be compromised even with a password.

If you have employees who travel a lot, work remotely (most of you do with the current COVID-19 pandemic which has forced businesses to adopt new ways of working and doing business), they may assume that a password keeps a wi-fi network safe. Wi-fi passwords only limit the number of users per network; other users with the same password can potentially view any sensitive data that’s being transmitted.

I’ll know if my computer is infected.

Cyber criminals are stealthy, you won’t know.

In the past there were signs that your computer is infected such as pop-up ads, slow browsers and in extreme cases complete system crashes. Today’s modern criminals use malware that is much more advanced and stealthier. Depending on which malware your system is infected with, it is possible that your computer or network will continue running, allowing the virus to do damage for a long time before you even detect it.

Personal devices do not need to be secured.

All smart devices can compromise a network’s system.

Employees using personal devices for work need to follow the same protocols and policies put in place for all the network devices in your business. Any smart device can be compromised which in turn, could cause a breach within your business.

Complete cybersecurity can be achieved.

Cyber preparedness is ongoing.

Cybercriminals advance each day, with new threats & scams. The protection of your business against these attacks and threats must be a continuous priority within your business.

Sources:
https://www.foxnews.com/tech/10-cybersecurity-myths-you-need-to-stop-believing
https://enterprise.verizon.com/resources/executivebriefs/2020-dbir-executive-brief.pdf