There are a lot of myths surrounding cyber security. The belief in these myths plays well into the hands of hackers. If you have a false perception of your safety, it makes it that much easier for hackers to attack you. Below are 5 common cyber security myths debunked.
1. Passwords are Foolproof
This myth has been debunked by cyber criminals many times over. In some cases, a user will resort to using a default password, which a criminal can easily guess. Even in cases where a user does create a strong password, hackers have been able to find these passwords on the dark web. A multifactor authentication system is stronger than passwords alone.
2. Cyber Attacks Only Happen to Other People/Businesses
Wouldn’t it be nice if cyber security really was a problem for “those guys”? The reality is that both large enterprises and small businesses are susceptible to cyber attacks. Imperva’s 2019 Cyberthreat Defense Report claims that 79% of organizations were attacked. Couple that with Verizon's 2019 "Data Breach Investigations Report," which says that 43% of breaches involved small business victims. A breach can happen to anyone, any business, anytime, anywhere.
3. Security is The Security Team’s Responsibility
Putting the onus for the entire business's cyber security on the security team alone is doomed to failure. While the security team is there to ensure the technology is in place to prevent a breach, and while they can enact policies and train staff, the rest of the staff has to ensure they are following the policies and are retaining that security training. For example, in a Bring Your Own Device (BYOD) environment, the security team may not have visibility into whether you are downloading timely updates, or if you are connecting to insecure Wi-Fi while working remotely. The security team doesn’t know if you are going to fall for a social engineering scam. Employees at all levels of an organization must become defenders of cyber security.
4. IT Professionals are Immune to Cyber Attacks
It would be nice if this were true, but IT professionals are human, just like other employees at an organization. Some hackers have made their phishing scams so sophisticated that even an IT professional might be fooled. Hands-on cyber awareness training for all levels of the organization, including IT staff, is extremely important.
5. Cyber Attacks Only Happen Digitally
Social engineering tricks aren’t just confined to phishing emails. While it is important to learn to recognize phishing emails, it is also important to be aware of real-life social engineering tricks. Social engineering attacks can happen over the phone or in person. In our blog, Social Engineering: Are you Prepared?, we recount the story of how some penetration testers figured out how to enter a highly guarded government building and take over a network printer. When it comes to cyber security, physical security is just as important.
Busting cyber security myths is the first step in better securing your business. If you’ve fallen for any of the above myths, or need help addressing any of these challenges, Uzado can help. Contact us for all your cyber security needs.