My previous blogs were 16 cybersecurity tips so I thought is would be fitting to post 16 cybersecurity myths. October is cybersecurity awareness month so I am happy to bring these tips to everyone’s attention. Enjoy!

16 Cybersecurity Myths

Myth #1: We don’t need cybersecurity training

Fact: Every organization and employee that has access to, or could come into contact with sensitive data, should receive cybersecurity training. Threats are continuously evolving, making ongoing training critical for all. #CybersecurityAwarenessMonth

Myth #2: We’ll just deal with a breach when it happens

Fact: Paying for proper security and training is much cheaper than trying to recover from a single breach. In fact, many organizations that suffer a data breach don’t recover at all. Preventative breach measures will go a long way to help protect you. #CybersecurityAwarenessMonth

Myth #3: Cybersecurity threats only enter through the internet

Fact: You don’t need to be connected to the internet to experience a data breach. For example, your organization’s entire IT system could become infected just by one employee using an infected USB drive. Threats come in many forms. #CybersecurityAwarenessMonth

Myth #4: A strong password alone will protect your business

Fact: A strong password is certainly important, but it is not enough to protect your organization entirely. Multi-factor authentication will help protect your account a step further, along with many other necessary security measures. #CybersceurityAwarenessMonth

Myth #5: Small & medium-sized businesses aren’t targeted by cybercriminals

Fact: A majority of data breaches happen at small businesses. Often times, small and medium-sized businesses lack the proper security measures and training to defend against cybercriminals, making them a major target. #CybersecurityAwarenessMonth

Myth #6: Only certain industries are vulnerable to cyber attacks

Fact: While some industries are targeted more fiercely than others, no business is off-limits when it comes to a cyber-attack. If your organization has access to or stores sensitive data, you are vulnerable to a cyber-attack. #CybersecurityAwarenessMonth

Myth #7: Anti-virus & anti-malware software keep you completely safe

Fact: Anti-virus and anti-malware software are incredibly important when it comes to protecting your system, but that doesn’t mean you’re in the clear. This software can’t protect against all cybersecurity risks, many of which involve human error. #CybersecurityAwarenessMonth

Myth #8: Cybersecurity threats only come from the outside

Fact: Many cybersecurity threats do come from the outside, but insider threats are just as likely. Insider threats can have malicious intent or could be the result of an honest mistake. Either way, these insider threats are often difficult to detect. #CybersecurityAwarenessMonth

Myth #9: You can’t be attacked on social networking sites

Fact: Many attacks can stem from social networking sites. For example, if your friend gets breached, you could get private message from them with a link telling you to “click here to watch a funny video!” when in reality, it’s a malicious link. #CybersecurityAwarenessMonth

Myth #10: If wi-fi has a password, it’s secure

Fact: All public Wi-Fi can be compromised, even with a password. Anyone who has access to the Wi-Fi password could abuse the connection. That means that if your information isn’t encrypted, it could fall into the wrong hands. #CybersecurityAwarenessMonth

Myth #11: You’ll know immediately if your device is infected

Fact: Many times, nothing visually happens when a device or network is infected. Often, the attacker’s goal is to go undetected, however, there are directed attacks such as ransomware that will be immediately visible. #CybersecurityAwarenessMonth

Myth #12: Personal devices can’t impact your organization

Fact: Personal devices can compromise a company’s network. This makes it so important for organizations to have strong Bring Your Own Device (BYOD) policies that outline security protocols for personal devices. #SecurityAwarenessMonth

Myth #13: Complete cybersecurity is achievable

Fact: Although it would be nice if complete cybersecurity were a “one and done” kind of thing, there’s no such thing as being completely cyber-secure. New threats emerge every day, making cybersecurity an ongoing process. #CybersecurityAwarenessMonth

Myth #14: My data, or the data I have access to isn’t valuable

Fact: All data is valuable. Whether your organization is a start-up business or large corporation, your data is worth something to a cybercriminal. The same rules apply to your personal data, as even a password can lead to a goldmine. #CybersecurityAwarenessMonth

Myth #15: Phishing scams are easy to detect

Fact: Cybercriminals are continuously advancing their tactics to make phishing scams more difficult to detect. Many phishing emails use social engineering techniques to make them more personalized, resulting in a higher success rate for the attacker. #CybersecurityAwarenessMonth

Myth #16: This is only temporary

Fact: Cybercrime is not going anywhere soon. #hereforever