Don’t fall for fiction.

From DDOS attacks to ransomware, the digital landscape is a hostile environment for businesses. In recent years, many companies have made cybersecurity a top priority. However, persistent cybersecurity myths continue to spread misinformation and lead many other businesses to leave cybersecurity on the backburner, content with the idea that a cyberattack couldn’t possibly happen to them.

With a wealth of knowledge at one’s disposal, ignorance is no longer an excuse, and it’s time to put the lies to bed once and for all. Here are eight ridiculous cybersecurity myths that need to go away.

1. Just a password will keep intruders out.

The importance of a strong password can’t be stressed enough. While in many cases it is the first line of defense, it shouldn’t be the only defense. Imagine someone does manage to figure out your password; then what? All your hard work and sensitive data is suddenly in the hands of cybercriminals and there’s nothing you can do about it.

Instead of leaning on just a password, use two-factor authentication for all logins to your company network.

2. All you need is antivirus software.

Just like a good password, having a good, reliable antivirus solution is a must-have in any business’s cybersecurity strategy. But again, it shouldn’t be the end-all, be-all. New viruses and malware may pop up faster than your antivirus software can update. When that happens, your antivirus may not recognize a cyberattack until it’s too late. Don’t be afraid to install multiple antivirus clients—running one in the background constantly and utilizing another to scan in regular intervals—and be sure to add a dedicated antimalware program.

3. Cybersecurity is IT’s business.

While your IT department is where to turn in the event of a cyberattack, the task of maintaining a secure cyber environment shouldn’t just be left up to them. Cybersecurity is every employee’s business, from the intern to the CEO. Everyone needs to follow best cybersecurity practices laid out by your IT department in order to keep your data safe.

Pearl Technology offers training and classes for businesses to ensure their employees are well versed in best cybersecurity practices. Contact Sarah Terry at 309-679-0320 for more on these opportunities.

4. Data breaches don’t happen to small businesses.

A common misconception is cyberattacks only happen to large corporations, and those are certainly the types of intrusions that make headlines. But for every Equifax and Sony, there are schools, municipal governments, retail stores, and others falling victim to cyberattacks such as phishing and ransomware. According to Forbes, a company falls victim to ransomware every 40 seconds, costing $1 billion in 2016.¹ The plain and simple fact is, if your business has money, it’s a target for cybercriminals. Don’t ever think a cyberattack can’t happen to you.

5. Digital and physical security are separate.

The world of technology is evolving all the time. As a result, society has allowed more and more of its daily routine to be connected. Increasingly, businesses are relying on the Internet of things (IoT)—including home assistants, security systems, and door locks—which can be hijacked by cybercriminals just the same as a computer. Don’t neglect safeguarding the connected devices that secure your office.

6. A firewall is all you need.

While a firewall is a valuable resource in keeping intruders out of your network, it’s not a failsafe. Firewalls can be—and have been—exploited. Companies that fail to install firmware patches and upgrades to their firewalls only complicate matters. Keep your firewall in working order with frequent updates—don’t ever put off these updates—but just as you wouldn’t with passwords and antivirus, don’t make it your only line of defense.

7. There is an end goal to ultimate cybersecurity.

Some companies enter the cybersecurity arena thinking at some point, they’ll be able to achieve a level of cybersecurity that won’t require them to make any more changes. The truth is, there’s no such thing. As mentioned earlier, cybercriminals are constantly adapting with new methods to seize your data; if you’re leaning on past practices, chances are they’ve found a way around it. Instead of viewing cybersecurity with an end goal, look at it the same way you’d look at your car; make sure to constantly take good care of it, or you’ll risk a breakdown.

8. IT consulting companies aren’t worth the money.

If you’re looking at a third-party IT provider as a waste of money, consider the following: Will the money you save be enough when a cyberattack does happen? According to the FBI’s 2017 cybercrime report, cyberattacks cost $1.42 billion in victim losses in 2017.² Chances are, your business doesn’t have that kind of money, and your effort to save a buck will be for nothing. The reality is, you can’t afford not to protect your network; investing in IT security or managed services can mean all the difference when cybercriminals strike.

What cybersecurity myths are you sick of hearing? Let us know in the comments!

CITATIONS

¹Harnish, Reg. “What It Means to Have a Culture of Cybersecurity.” Forbes, Forbes Magazine, 21 Sept. 2017.

²“2017 Internet Crime Report.” Internet Crime Complaint Center (IC3), Federal Bureau of Investigation.