5 cybersecurity myths that are compromising your data

Barry O'Donnell, Chief Operating Officer at TSG, busts the top five cybersecurity myths that are compromising an organization's data.
Barry O’Donnell, Chief Operating Officer at TSG, busts the top five cybersecurity myths that are compromising an organization’s data.

As the importance of cybersecurity has increased, so has our awareness of it. Poor cybersecurity has been identified as the most pressing threat to businesses today. Issues with cybersecurity often stem from a lack of cybersecurity awareness. In fact, according to the 2020 Cyberthreat Defense Report, a lack of cybersecurity awareness was identified as the biggest detriment to an organisation’s cyber-defences.

The reasons for this lack of awareness include no training on cybersecurity and persistent misinformation. Despite more media attention than ever, there are still some common misconceptions about cybersecurity that put businesses at risk.

Here, we bust the top myths around cybersecurity and how you can address them.

1. Cybersecurity isn’t my responsibility

IT security is still viewed as the IT team’s problem when that’s not the case at all. All employees have a responsibility to ensure the security of their business. Your people are the frontline of your defence and represent its biggest attack surface. They are the people hackers are targeting with phishing campaigns because they’re banking on a lack of security knowledge.

This myth can have serious consequences if your people don’t practise basic cybersecurity hygiene. If they don’t take care when clicking links in emails or downloading software, they could compromise your business’ security. Education is critical because your employees need to understand why cybersecurity is so important and that they have a role to play. Training will also equip them with the skills to spot threats and change their behaviour for the better.

2. Hackers don’t target small businesses

If media coverage is anything to go by, only large organisations like Yahoo, Uber and Marriott get attacked, right?

Wrong.

This myth is particularly persistent because of mainstream news and the fact that hackers can potentially extort higher sums of money from these businesses. But the Federation of Small Businesses (FSB) reports that UK small businesses are targeted with over 10,000 cyber-attacks a day. The same report highlights widespread weak security procedures in small businesses, including a lack of formal password policies, not installing updates and not using security software.

While the financial gain from targeting enterprises is more lucrative, the stakes are higher for small businesses. Cybercriminals know this. A cyber-attack could destroy a small business and force it to close, and that’s why one small business is successfully hacked every 19 seconds in the UK. Small businesses which have a limited cybersecurity budget should tap into the knowledge of an IT support service, who can advise on the most suitable defences.

3. My passwords will keep me safe

There are still two long-held misconceptions around passwords. The first is that adding capital letters, numbers or special characters to your one-word password will make it uncrackable. This myth is perpetuated by a lot of business accounts which have these requirements. However, the real measure of password security is length. Software can crack short passwords, no matter how “complex”, in a matter of days. But the longer a password is, the more time it takes to crack. The recommendation is using a memorable phrase—from a book or song, for example—that doesn’t include special characters.

But determining a strong, (almost certainly) uncrackable password is only the first step. If the service you’re using is hacked and criminals gain access to your password, you’re still vulnerable. That’s where two-factor authentication (2FA) and multi-factor authentication (MFA) come in. These methods require you to set up an extra verification step. When you log in, you’ll be prompted to enter a security code which will be sent to your phone or even accessed via a dedicated verification app. That means if a hacker ever gets their hands on your password, they’ll still be thwarted.

4. A basic anti-virus will be enough to protect my business

Gone are the days where your McAfee or Avast anti-virus solution will be enough to protect your business. Now, there are dedicated tools to fight against specific threats like ransomware. A synchronised approach to security, whereby your solutions all interact with one another, is generally accepted as the most robust. Your security solutions should cover your endpoint, firewall, network connections, email and more. In addition, backup and disaster recovery solutions are recommended to mitigate any potential incidents.

5. We only need to protect against hackers

While hackers pose an enormous threat to your business, you can’t ignore the possibility of malicious insiders or even staff accidents. One of the most highly-publicised accidental breaches was a Heathrow Airport staff member losing a USB stick with sensitive data on it. Luckily, the person who found it handed it in rather than using it maliciously. The company was still fined £120,000 for its “serious” failings in data protection. It’s also all-too-easy for an employee to accidentally email a spreadsheet with sensitive data outside of the company.

READ MORE:

Equally, a disgruntled employee who has access to sensitive employee or customer information could willingly steal or share it. Locking down access to your core systems and ensuring fewer employees have access to them can help you protect against this. For accidental breaches, implement policies that state removable devices must be encrypted. You can also configure your email settings to block certain attachments from being shared outside of your organisation.

Are you or your staff members guilty of believing any of these myths?

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Barry O'Donnell

Barry O'Donnell is the Chief Operating Officer at TSG, offering managed IT support in London, with expertise across a range of areas including Office 365, Dynamics 365, document management and business intelligence.

Choose an AI solution to transform beyond technology

Kit Cox • 09th December 2024

The first step is knowing exactly what your business wants to achieve with AI; think faster, smarter and more efficient. Once you know what you are working towards, you can start looking for a solution that can help you make it a reality. AI integration can feel like a daunting task at the beginning, so...

A Roadmap to Security and Privacy Compliance

John Lynch Director of Kiteworks • 04th December 2024

Only by understanding the current regulatory environment and implementing robust data protection measures, can organisations enhance their security posture, ensure compliance, and build resilience against the latest cyber threats. This article provides a comprehensive roadmap of how to do it.

Data-Sharing Done Right: Finding the Best Business Approach

Bart Koek • 20th November 2024

To ensure data is not only available, but also accessible to those that need it, businesses recognise that it is vital to focus on collecting, sorting and governing all the data in their organisation. But what happens when data also needs to be accessed and shared across the business? That is where organisations discover a...

Nova: The Ultimate AI-Powered Martech Solution for Boosting Sales, Marketing...

Erin Lanahan • 19th November 2024

Discover how Nova, the AI-powered engine behind Launched, revolutionises Martech by automating sales and marketing tasks, enhancing personalisation, and delivering unmatched ROI. With advanced intent data integration, revenue attribution, and real-time insights, Nova empowers businesses to scale, streamline operations, and outperform competitors like 6Sense and 11x.ai. Experience the future of Martech with Nova’s transformative AI...

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...