News & Resources
6 cyber security myths debunked
6 cyber security myths debunked
Think you’re small enough to fly under the radar of cyber criminals? Think again. Small businesses are setting themselves up for a fall with these common cyber security myths.
SMEs might not appear to be lucrative targets when compared to giants, but to cyber criminals, any business is a potential victim.
It’s important to be aware of common misconceptions about cyber security, so we’ve put together a list of the most prevalent. How many of these do you recognize?
1. Large businesses pay more for data breaches
At first glance this is true. Larger businesses have more customers, so it stands to reason that they’d pay a larger amount when they’re targeted.
However, research from the Ponemon Institute revealed that global cybercrime is on the rise for smaller businesses. Between 2013 and 2015 the cost rose 12 percent per connected employee. As a result, these businesses pay 4.2 times more per employee to deal with cybercrime than their larger peers.
2. Security leaks are so rare there’s no point getting serious protection
Big, headline-grabbing security breaches are rare. But what about everyday fraud and smaller data leaks? Each might be smaller but cumulatively they can be devastating.
Despite the misconception that SMEs aren’t the target of data leaks, The Department for Business, Innovation and Skills discovered that 74% of small businesses reported a security breach in 2015. This is up from an astonishing 60 percent in 2014 and 64 percent the previous year.
And this is just the officially reported stats as victims of cybercrime often worry about admitting their systems were breached.
“Cybercrime is massively under-reported and it is partly because people don’t want to admit they have been conned or caught out for fear of scaring customers,” says Colin Borland of the Federation of Small Businesses in Scotland.
3. We can’t be at risk because we don’t take online payments
Cybercrime shouldn’t just be viewed as a digital bank heist. It doesn’t matter whether you deal with taking online payments; as long as you have records and a computer network you could be at risk.
Data is a hot commodity and once cyber criminals have taken control of yours, they can hold it to ransom. Have you got the funds to pay for the safe release of your appointment books and customer databases?
4. We’ve hired an IT specialist to handle security, so we don’t need to know anything else
Having an IT security specialist on your staff is a great way to start protecting your business against cybercrime. However, don’t assume they can be constantly aware of what’s happening on your network. Everyone who has access to your computers, phones and data should have training in cyber security best practice.
For example, your IT security specialist can establish an airtight defense against cyber-attacks, but what happens when Geoff from accounts unknowingly falls for a phishing email? Your network could be instantly compromised.
According to the 2014 edition of the BIS study, 70% of companies that had poorly understood security policies suffered staff-related breaches. By contrast, only 41% of those with comprehensive security policies fell victim to a leak.
5. We have strong antivirus software on our systems, so we’re well protected
A strong antivirus suite is an essential first step in protecting your data and your business. It can’t, however, protect from Distributed denial of Service (DDoS) attacks, in which your website is flooded with junk traffic that slows it down to the point of being unusable. Nor can it protect against web-based attacks, where cyber criminals exploit vulnerabilities in your code and steal data like customer credit card details. Cybercrime has evolved and your defense against it needs to as well.
6. If an intruder gets in, we’ll notice right away
Some cyber-attacks make their presence known immediately, with endless pop-ups or an immediate lockdown and ransom of your PC. Others are more insidious and hide away, spying and quietly harvesting data while preparing to gain more access to your network.
These Advanced Persistent Threats (APT) are a common problem for businesses.
Want to learn more about how to keep your small business safe? Contact Tech Check for a full review of your existing network.