9 Cyber Security Myths: Busted

Cyber security is one of the top priorities for organizations in the modern age. Data breaches have affected a range of businesses, from unknown small startups to notorious large corporations. But what are the myths that surround cybersecurity? 

Well, here are 9 of the myths that many people would believe to be true, but are in fact, not and therefore should be recognized in order to ensure that their personal or corporate devices are kept safe from cyber criminals:

Myth #1 – That if you own a small business you are safe 

Many people believe that small businesses are not affected by cybersecurity threats and that attackers only go after large corporations. This inherently is not true. Even though in the news and on social media, it is often the large organizations that are mentioned when they have a data breach, small and mid-sized businesses also face digital threats. As they don’t think they can be affected, they often do not invest in cybersecurity measures that will prevent them from occurring. 

Cyber criminals don’t care what the size of your business is and will come after you. Even though a larger organization may initially seem more tempting to them as they hold a bigger amount of sensitive information, they usually have a more watertight security system, therefore are harder to attack than smaller businesses. This, however, as made clear by the media isn’t always the case.

Myth #2 – That the passwords you are using are strong enough to withstand hacking from cyber criminals

Many people use passwords that are created using their date of birth, place of work, their name or another obvious choice that they might not think that cybercriminals can hack. These passwords unfortunately can easily be broken into and aren’t 100% secure. Although, those that are created using a variety of special characters and numbers also have a chance of being broken into. To make sure that your passwords are not hacked and that your sensitive information is kept safe, it is important that you frequently change your passwords, both at work and on your devices at home. Your desktop will even often remind you to change your password and some apps/social media platforms will ask you to as well. If you are someone that frequently forgets your passwords, you can always use software such as LastPass or 1Password that securely saves your passwords and will update them when you do.

Myth #3 – That the anti-malware or antivirus you have on your devices will keep them 100% secure

Even though many people invest heavily in anti-malware or antivirus software in order to prevent their systems from cyber attacks, they often can’t prevent all types of these attacks from happening. No matter which one you choose, the software has to rely on information that is stored in a large database. If a hacker has created a new malware, they can infect your PC or network without your antivirus software being able to detect it. In order to make sure that your system is protected, you should invest in a variety of software that will cover different aspects of it.

Similarly, those who own Apple products may believe that their systems are fully secure due to the antivirus software that is built into them. This, however, is not the case. Many cyber criminals can attack your system by installing a bug that takes control of your device or can access your data through methods such as email phishing. To ensure that your Apple device is kept more secure, it may be a good idea to invest in other software alongside the one that is built in. 

Myth #4 – That there are no risks of using your own device at work

Often people like to use their own laptops whilst they are at work, due to the familiarity they have with using them. Even though this will help the business to save money on buying work laptops for them, by using your own laptop there are a number of cybersecurity risks that arise. If you connect your own laptop or mobile phone to your work’s network, it is opening the network up to potential hackers. 

Even though bringing your own device in is a popular choice, as it hasn’t got the same level of security installed on it as corporate devices would have, it can be compromised easier. If you do want to use your own device, you may have to have a private VPN set up, as well as making sure that you have a 2FA (two-factor authentication) system installed on your accounts. 

Myth #5 – That cybersecurity threats and attacks only happen externally

Many people believe that cybersecurity threats and attacks are only the result of cyber criminals that are working outside of the company. This is not always the case. A large portion of cyber attacks is a result of an internal employee or someone that used to work within the organization. 

This could be because they want to expose the business to issues and attacks, or they might not know that what they are doing is causing a disastrous data breach. In order to prevent this from occurring, an organization should make sure that they are fully training their employees on what not to do and ensuring that they are fully aware of cyber threats/what to do when they occur.

Myth #6 – That cybersecurity should only be the responsibility of the IT team

It is often easy to think that everything that happens on a computer is the responsibility of the IT team – this includes preventing the system from being hacked by cyber criminals. However, as many organizations don’t have the funds to hire a full IT team or invest in full cybersecurity training, it is essential that all staff members should be aware of the correct cybersecurity practices. 

You should know how to manage the network infrastructure and how to reset your logins if need be. You shouldn’t always rely on IT to fix every tech-related problem. 

Myth #7 – Businesses don’t need frequent tests or assessments 

When running a business or working within one, it should be made sure that the cybersecurity systems are frequently tested. Without carrying out thorough penetration tests and assessments, you won’t be able to identify any weaknesses or areas that are vulnerable to cyber criminals. 

These can be fatal to a company and can result in areas of the systems being accessible – resulting in the organization losing revenue and having their reputation tarnished. The business needs to be fully up to date with all the risks and any counter-measures that they might need to take in order for their organization to be protected from possible threats. 

Myth #8 – That complete security is possible

The sad thing is that no matter how often you update your antivirus software, the businesses devices or your own personal devices aren’t completely secure. With cybersecurity, there is a constant requirement to be able to adapt to any threats that arise. 

Yes, there are strategies and backups that you can do in order to try and prevent them, but usually, a cyber criminal is one step ahead of your methods. This doesn’t mean, however, that you should give in to them and give up with the approaches you are taking. You should have a positive outlook and ensure that you are proactive towards these malicious threats. 

Myth #9 – That viruses can be immediately identified 

Even though in previous years, it was immediately obvious that your computer or systems were infected by viruses – this could be through your browser loading slowly, if there was an abundance of pop-up ads etc. However, in the present day, how cyber criminals attack your systems have evolved to be almost unrecognizable at first. 

This sly approach means that they can access sensitive data for months before you even realize they are doing it. As mentioned in myth number 7, in order to make sure that any threat or attack is recognized, you should conduct thorough and frequent tests. These will protect your devices as best as they can and will adapt with them as they arise. 

It is frightening how easily cyber criminals can gain access to sensitive information. It can destroy a company – whether it is a large organization or even a small startup business. So much of the information surrounding cybersecurity is false, therefore in order to enhance the protection you have in place, you need to be able to separate the facts from the fiction. You need to be able to set appropriate goals, have security measures in place and ensure that your business or personal device is as secure as possible. 

Having the correct mindset in place that with the development of technology, the malware that cybercriminals have access to will also adapt, will make sure that your personal devices or businesses’ systems have a greater chance of protection. As mentioned above, over the last couple of years the importance of cybersecurity has become abundantly clear. From the huge and notorious data breach that was faced by Facebook to the foreign hacking that took over the elections, no organization or system is safe and you should be fully aware of this.