Debunking the Top Seven Cybersecurity Myths
It is easy to feel uninformed with the number of cybersecurity myths that are frequently shared. The world of cybersecurity can be convoluted and confusing, but it doesn’t have to be. Arm your organization and yourself with facts about cybersecurity that will help you protect your personal, private information.
Myth #1: If the Wi-Fi You Are on Has a Password, It Means You Are Secure
Two instances that make organizations susceptible to public Wi-Fi network woes are shared workspaces and remote employees. Despite the illusion of security, password-protected Wi-Fi networks are still dangerous. Just about anybody can get their hands on your password and attempt to access your valuable files and information. The good news is that VPNs can help. VPNs allow typically vulnerable computer users to simulate being at work on a secure platform – regardless of where they are. Avoid accessing important information on any public Wi-Fi platform, password or not.
Myth #2: Cyberattacks Only Happen to Large Businesses
Every company is susceptible to attacks, regardless of size. In fact, Verizon reported in the Data Breach Investigations Report that small businesses account for 58% of data breaches. No one is free and clear from the potential threat of cyberattacks and that is precisely why prevention is so important. Ensuring that your organization, your employees and you are cyber-literate is essential towards the well-being and future of your organization.
Myth #3: Security Is Static and the Controls We Implemented Last Year Will Work This Year
Concerns for data protection are rising and the only solution is to be innovative and adaptive with the way you approach cybersecurity. Cybersecurity needs are different for every organization and they are not static, they are ever-changing. 2019 has been filled with cybersecurity breaches, from Facebook to NASA. As a leading cybersecurity and compliance firm, we at A-LIGN help our partners stay up-to-date on the latest threats and advances in the security ecosystem. Hacking and security is a never-ending game of cat-and-mouse, which is why our penetration testers modify their hacks and techniques frequently based on the latest news regarding hacks and patches.
Myth #4: Cybersecurity is Only About Defense
Cybersecurity is about defense, but it is also a major revenue-generating and trust-building business move. The average cost of a malware attack on a company is $2.4 million, and the average cost of time of a malware attack is 50 days. In fact, 60% of small businesses that suffer a cyber attack are out of business within six months. More than ever, clients and potential clients are attracted to organizations and service providers with a strong cybersecurity and safety posture – not only to know that their data is safe but as assurance that the organization will be around for the long term.
Equifax had a huge data breach in 2017 that affected 125.5 million people. Addresses, birth dates, social security numbers and driver’s license numbers were leaked, alarming customers and putting the focus on cybersecurity.
Myth #5: Cybersecurity Attacks Come From the Outside
From human errors to baleful intent, cyberattacks are not just from the outside. McKinsey & Company reports that insider threat is present in 50% of cyber breaches. All situations need to be considered in order to have a complete cybersecurity plan. For example, implementing a thorough exit plan for employees leaving the company and ensuring that all employees are trained on basic cybersecurity measures are two protocols every organization should consider implementing.
Myth #6: Strong Passwords and/or Wireless Encryption Are Enough to Keep a Company Safe from Hackers
A strong password or using strong wireless encryption like WPA or WPA2 used to be sufficiently secure, but hackers are becoming more advanced in their techniques to hack into someone’s account. One way to help combat this issue is to enforce two-factor authentication on any device that allow the user to look at sensitive content. Password manager apps and websites are also an excellent way to allow users to use more complex passwords without the responsibility of remembering all of them. Lastly, enforcing a timeline on how long a user can use the same password can help keep private information secure.
Myth #7: Assessments Are Not Necessary
Having a third-party examine your company’s internal controls can help you take a hard look at what your organization is doing right and what needs improvement. Assessments provide third-party assurance that your organization has appropriate controls in place to help mitigate risk. Additionally, regular penetration tests allow you to test your organization’s maturity over time and find potential flaws in your security infrastructure – before the bad guys do.
The world of cybersecurity can be overwhelming. A-LIGN’s experience and commitment to quality can help your business achieve the cybersecurity and compliance goals it is seeking. We offer an extensive list of compliance and cybersecurity services that can arm your organization from the various threats that businesses face.