8 Cybersecurity Myths Businesses Still Believe

cybersecurity myths

Cyberattacks are a risk to any business, but even more harmful are the myths surrounding them. Here we’re going to bust some of the most common cybersecurity myths so you can make the right decisions to protect your data.

1. “My data isn’t worth stealing”

It’s not only corporate giants with massive quantities of sensitive data that suffer security threats. 

Many small businesses mistake their size as a reason hackers won’t target them in cyber attacks, as they don’t think they have anything worth stealing. 

A shocking statistic from a Verizon report in 2018 showed 58% of cyberattacks were against small businesses. 

2. “Phishing is easy to spot”

Phishing attempts are getting increasingly sophisticated, with emails and texts that mimic real organizations, making this the most dangerous of the cybersecurity myths. Even a keen eye can miss a phishing attempt. 

If you’ve received a message that uses a company logo and real contact information, look carefully at the finer details:

  • Is the sender an official email address or phone number?
  • Does the message contain lots of spelling errors?
  • Is the sender asking you to confirm sensitive information?
  • Are the images of a low resolution or out of date?

These could all be signs of a phishing scam and could do serious damage to your business if an employee takes the bait.

3. “My passwords are safe enough”

This is one of the most rehashed cybersecurity myths. While most people are aware that “password” and “123acb” aren’t the most secure passwords out there, there are still a lot of mistakes people make when choosing a password. For the most effective password, use the following guidelines:

  • The longer the password, the better. Longer passwords are harder to crack, so try and make yours over 12 characters.
  • Make sure you use a mix of letters, numbers, and characters.
  • Avoid personal information and common words. Try instead making an acronym of a phrase.
  • Each account you have access to should have a different password. Using the same password over and over makes it that much easier for hackers to gain access to information.

Yet the real problem with password breaches isn’t how complex the password is—it’s how passwords are stored and who has access to them.

A strong password is about as useful as a weak one if it’s easy to access. Using a password encryption platform like Lastpass or Bitwarden can help strictly guard sensitive login info and monitor who has access to it. 

4. “Viruses on my devices look obvious”

It’s not the 1990s anymore—infected devices are no longer swarming with pop-ups and bizarre desktop icons.

Modern malware can be virtually undetectable with minimal impact on how your system runs. Hackers don’t want you to find their malicious software, so only strong anti-malware programs can detect it. 

A recent ransomware attack on IT software provider Kaseya came from a seemingly innocent update, but it disguised malicious and fast-acting malware that proved incredibly effective.

5. “My industry isn’t the target of cyber attacks”

On the surface, certain industries like healthcare or financial services may seem like the preferred choices of cyber-attacks because of the nature of and volume of the data they hold. 

However, your business is at risk of cyberattacks, regardless of industry. As long as you store sensitive data, you could be targeted by criminals.

6. “Cyberattacks only come from outside sources”

Nearly two-thirds (60%) of cyber threats originate inside a business. That’s a sobering statistic from an IBM study on cybersecurity, showing that employee negligence and ignorance can cause more of a threat than external factors.

From accidentally using an infected flash drive to deliberately misusing sensitive company data, insider threats are not to be overlooked. 

7. “Anti-virus software is enough to keep my data safe”

While anti-virus software can help protect your information, it should be included as part of a larger strategy to keep your business safe from harm. Anti-virus software won’t look after everything. 

It’s important to offer appropriate cybersecurity training to your staff, monitor employee activity for insider threats, and put policies in place to protect company information. 

8. “Cybersecurity is IT’s problem, not mine”

It’s often user error or ignorance that opens the doors up to hackers, malware, and other cyber threats. While an IT team can help install software and perform regular checks, it’s up to employees to be aware of potential risks—like keeping passwords safe and spotting phishing scams. Unsure of how to protect your business from cyber threats? Tolar Systems provides managed IT services and cybersecurity in Abilene and West Texas — contact us today.