Common Myths About Cybersecurity

Cartoon figure with a frown and the words: What were you thinking?

There are many misconceptions about cybersecurity. Today I'm going to look at some of these myths. It's a good reminder for all of us to check our thinking.

Myth #1: Only the rich and famous are targeted

Cybersecurity is not just for big companies or celebrities. Many cyber attacks have got nothing to do with who you are. I wrote about this in "Has your website been hacked?". Attackers can use your server's processing power, your internet connection and your website reputation. They set up automated processes to scan sites for vulnerabilities.

Myth #2: My data isn't valuable

This relates to Myth #1. You might think your personal data is worthless, because you aren't rich and you have nothing to hide. But all data is valuable to a hacker.

It's time to take a long hard look at all the data you create, collect, store and use. It's not just data about your customers: it's also data about your employees and your suppliers.

Myth #3: Security is an IT responsibility

The best technology doesn't help if someone uses password123 to log onto your system! Remember what I wrote last week: 90% of security breaches involve human error. Cybersecurity starts with employee training.

Myth #4: Cybersecurity is very expensive

Many of the steps you can, and should, take to protect your data only cost time and effort, but very little money. Here are a few things that will improve your safety and cost you nothing:

  • Set up basic security procedures.
  • Restrict administrative and access privileges.
  • Enable multi-factor authentication.
  • Teach your employees to spot malicious emails.
  • Check that your website is using HTTPS.

Myth #5: Outsourcing means it's not my problem

You have a legal and ethical responsibility to protect sensitive data. You need to verify that your partners and vendors have proper security in place. And if they lose your clients' data, it will still be your responsibility to tell your clients.

Myth #6: Public liability insurance will cover cyber breaches

Most standard insurance policies do not cover cyber incidents or data breaches. Check with your financial advisor. There are special insurance policies for this, but you need to know what the conditions are.

Myth #7: Hackers are scary outsiders

The Anonymous hacktivist movement adopted the Guy Fawkes mask. So when we think of hackers, that's the image we imagine. Grinning white faces with thin black mustaches, and narrow lifted eyebrows. But cyberattacks do not always come from outside. In larger companies, the risk of an internal actor is real.

Myth #8: Younger people already know about cybersecurity

The age of your employees does not determine their cybersecurity practices. Discuss cybersecurity before you give someone access to your social media, website, network or server.

Myth #9: Digital and physical security are different things

Physical access is an important component of digital security. And you may need to rethink this if your staff are working remotely. Do visitors or family members have access to your employee's computer? Does your employee visit the local coffee shop for internet access during power outages? You need procedures to prevent unauthorized physical access to sensitive information.

Myth #10: New devices are secure when I buy them

Sorry to disappoint you. Make sure the software is up to date. Change the manufacturer's default password. And configure privacy settings on your device before you use it.

As always, please share your thoughts and comments.

Leave a Comment

Your email address will not be published. Required fields are marked *

Thank You

We're Excited!

Thank you for completing the form. We're excited that you have chosen to contact us about training. We will process the information as soon as we can, and we will do our best to contact you within 1 working day. (Please note that our offices are closed over weekends and public holidays.)

Don't Worry

Our privacy policy ensures your data is safe: Incus Data does not sell or otherwise distribute email addresses. We will not divulge your personal information to anyone unless specifically authorised by you.

If you need any further information, please contact us on tel: (27) 12-666-2020 or email info@incusdata.com

How can we help you?

Let us contact you about your training requirements. Just fill in a few details, and we’ll get right back to you.