There is a lot of misinformation out there when it comes to cyber security. Below are 8 common cyber security myths that could cost you your business. 1. Your business is too small to be attacked by hacker Nothing could be further from the truth. We are used to hearing of big companies getting breached for big dollars. The truth is, small businesses made up over half of all the breaches in 2018. Why? Simply put, most small businesses don’t have the resources to fortify their networks, so the hackers will target first those networks that are easier to get into. 2. Strong passwords are enough to keep your business safe While having a strong password is much better than a default or no password, having multifactor authentication is better. Passwords can be hacked or stolen, but having the multifactor authentication adds an extra layer of security. Check out our previous blog to learn how multifactor could have saved Voova from a breach. 3. Antivirus software will keep your company completely safe Again, while it is very important, it can’t stop all cyber attacks. Antivirus software can’t protect you from social engineering. And if your antivirus software isn’t up-to-date, it may not keep the latest malware from infecting your systems. 4. If the Wi-Fi has a password, then it is secure The reality is any public Wi-Fi can be compromised. When using public Wi-Fi, ensure you are using a VPN first to keep data safe. 5. Cyber security threats are only external Nothing could be further from the truth. One of the biggest breaches in Canada in 2019 happened at Desjardins when an employee started selling customer data. While Verizon’s Data Breach Investigation Report shows 28% of all attacks perpetrated by insiders, note that not all of these insiders were malicious. Some cases were just human error (opened a phishing error). Better employee education can help. 6. Annual employee security awareness training is enough How good are you at something you only practice once a year? For employees to better recognize phishing and social engineering attacks, regular on-going training is a must! 7. You’ll know right away if you are hacked Some forms of malware today are designed to hide in a network for a long time undetected before the “payload” is released. According to the Verizon study, 68% of breaches took months or longer to discover. Even worse, once discovered, it can also take a long time before systems are patched, viruses are contained, and everything is up and running normally. 8. Cyber Security is solely the IT department’s responsibility That’s a lot of responsibility to put on the IT department’s shoulders. Every staff member needs to be trained on cyber security best practices, so they don’t fall for phishing campaigns. Afterall, the IT department can’t prevent everyone from clicking on an attachment in an email. Need help busting any of these myths? Check out Uzado’s services and contact us today.