Cybersecurity


By Rob Sober/Varonis

Cybersecurity preparedness is one of the major obstacles facing businesses today. Despite the increased focus on making companies cybersafe, there are several common cybersecurity misconceptions that still pervade the business world.

If you or your employees believe any of the myths below, you could be opening up your business to unknown risk. Check out the full list, or jump to our infographic for tips on how you can bust these myths and keep your business cybersafe.

strong password cybersecurity myth

Strong passwords are one of the foundations of good cybersecurity practices, especially for businesses. However, implementing and enforcing strong password policies is only the start. In fact, one of the major components of cybersecurity preparedness that companies overlook isn’t how people access the information — it’s what information is available in the first place.

Not only do employees need strong passwords, companies need to be more aware of who they allow to access what data. In a recent study, we found that 41 percent of companies had at least 1,000 sensitive files open to all employees. Many companies also don’t have a system in place to monitor admin access. Strong passwords help keep your company safe, but there’s a lot more at risk once employees are in the system.

small businesses aren't hacked myth

The proliferation of high-profile hacks in the news cycle often tricks small- and medium-sized businesses into thinking that they won’t be targets of attack. In reality, the opposite is actually true. In fact, according to the 2018 Verizon Data Breach Investigations Report, 58 percent of data breach victims are small businesses.

This happens for several reasons. Many businesses aren’t targeted specifically, but instead are victims of what’s known as “spray-and-pray” attacks — hackers set up automated systems to randomly infiltrate businesses. As these attacks are random, any business can be damaged, regardless of size.

Small businesses tend to be “softer” targets, as they have less funding for advanced data protection software and often don’t have skilled security teams, which makes them more likely to fall victim to spray-and-pray attacks. Targeted attacks also tend to focus on small businesses, precisely because they’re unprotected.

vulnerable industries hacking myth

Much like some businesses believe they won’t be attacked because of their size, other businesses wrongly assume that they won’t be attacked because of the industry they’re in. This myth also goes hand-in-hand with the belief that some companies don’t have anything “worth” stealing. The reality is that any sensitive data, from credit card numbers to addresses and personal information, can make a business a target.

What’s more, even if the data being targeted doesn’t have resale value on the darkweb, it may be imperative for the business to function. Ransomware, for example, can render data unusable unless you pay for a decryption key. This can make attacks very profitable for cyber criminals, even if the data is deemed “low value.”

anti-virus cybersecurity myth

Anti-virus software is certainly an important part of keeping your organization safe — but it won’t protect you from everything. Software is just the beginning of a comprehensive cybersecurity plan. To truly protect your organization, you need a total solution that encompasses everything from employee training to insider threat detection and disaster protection.

insider and outsider security threats

While outsider threats are certainly a concern and should be monitored extensively, insider threats are just as dangerous and should be watched just as closely. In fact, research suggests that insider threats can account for up to 75 percent of data breaches.

First « 1 2 3 » Next