In the world of cybersecurity and cybercrime, there are a lot of myths, misconceptions and rumours shared between business owners and employees.
Myth 1: Small and medium-sized businesses aren’t targeted by hackers. Cybercriminals are more interested in larger companies.
Myth 2: Businesses must buy expensive hardware or software solutions to implement effective cybersecurity.
Myth 3: My business has nothing worth protecting from cyber-attacks.
Myth 4: Password managers are unsafe and a risk to my business.
Myth 5: Public Wi-Fi is safe to use. It’s just like any other wi-fi network.
Our ,Trusted Partner, CYFOR, said, “If you had no windows or doors on your house and went away for 2 weeks, would your valuables still be there once you got back? This is the reality I am afraid of for many small to medium size businesses when we view their current cybersecurity posture."
Develop Capability said, “In reality, ,small businesses made up over half of last year’s breach victims.
The proliferation of high-profile hacks in the news often tricks small and medium-sized businesses into thinking that they won’t be targeted for a cyber-attack. In reality, the opposite is actually true. In fact, according to the 2018 Verizon Data Breach Investigations Report, 58 per cent of data breach victims were small businesses."
"This happens for several reasons. Many businesses aren’t targeted specifically but instead are victims of what is known as ‘spray-and-pray attacks when hackers set up automated systems to try to infiltrate businesses randomly. As these attacks are random, any business can be damaged, regardless of size.
Small businesses tend to be ‘soft’ targets, as they are often not prepared against cyber-attacks and don’t have skilled security teams. This makes them more likely to fall victim to spray-and-pray attacks. Targeted attacks are then used to focus on these small businesses once it is discovered that they are vulnerable.”
Don't wait until it's too late to prioritise cybersecurity - ,become a member of the Cyber Resilience Centre; we can help protect your business and your customers. Start your journey to becoming more cyber-resilient today.
This is a common misconception among small/medium-sized organisations; they often think that it requires a lot of investment to be effective. Most of the time, it’s more about taking small steps to make your security strategy more robust by proactively thinking about risks. Changing your mindset to be more aware of threats is the most cost-effective method for implementing effective cybersecurity solutions.
We asked our Trusted Partner, Bergerode Consulting, “Effective cybersecurity, in my view, is first and foremost a set of positive behaviours which put cybersecurity on a solid footing. Just now, knowing what threats your business faces determines what choices you make about meeting these threats.”
Kevin continues, “If a business faces a malware risk from staff using personal USBs in company workstations, some security companies will try to sell software to that business which controls the use of USBs, but such software can be expensive, and it will certainly not address the reason why staff are using USBs, to begin with."
"Rather than buy such software, companies should seek to address why staff are using personal USBs and take ownership of the issue by updating the staff handbook to make use of personal USBs not permissible and also look to using existing software, e.g. Active Directory, to manage the use of USBs. This is more likely to address the root cause of the issue and deal with any risks than just buying a solution and being locked into an expensive support contract.”
We provide ,affordable, professional cyber security services that help you assess, build and manage your organisation’s cyber security capabilities, build confidence, understand your vulnerabilities and secure your business. ,Talk to us today.
The truth is that every business, regardless of its size, has a value from an attacker’s perspective. Even though you may not face the same threat level as large organisations, the risks are still very real. Here are some reasons why every business needs to prioritise cybersecurity:
We asked our Trusted Partner, Cyber Security Specialists, “Your data is worth thousands to marketing companies and can be used by hackers to launch more sophisticated attacks to try and obtain your bank details and login details to Netflix, Amazon and more!”
We have created a ,Cyber Incident Response Pack containing documents to help support your business plan its response to a cyber incident. These documents are designed to complement any existing plans or assist you in creating one.
The idea that password managers are unsafe for use is very common, which is understandable. To most, password managers appear to be a single point of failure; if they get breached or hacked, all my saved passwords get exposed too. This, however, is not the case; password managers use very sophisticated levels of encryption to ensure that threat actors are not successful in viewing any of your passwords, even if they gain access to data.
The National Cyber Security Center (NCSC) says, ‘,Password managers are a good thing', which comes as no surprise when you look at their advantages.
Public Wi-Fi is common in public places like coffee shops, restaurants, airports and hotels. After signing up, it normally gives the user a free internet connection that anyone can use. Although it may seem harmless to most, there are still risks involved with using it. The problem is that the security that the networks enforce tends to be limited.
One of the biggest problems with public Wi-Fi is a Man-In-The-Middle (MitM) attack. This is when an attacker sits on a network and reads transmitted data sent from users to websites. If this data is vulnerable or in plain text, sometimes an attacker can read the information, which could be sensitive, like login credentials. This goes hand in hand with unencrypted networks; When in use, any data sent from the user to the router can be read by anyone.
Another issue is malicious hotspots; these are set up with the intention of getting victims to connect to what they think is a legitimate network because it sounds reputable. Once connected, the attacker can now view your sensitive information.
Using a VPN (Virtual Private Network) is a good way to stop these types of attacks from happening because they protect any data you transmit across a network. Another solution would be to connect to your phone hotspot or a dedicated dongle.
Got a question? Don't hesitate to ,contact us or browse our ,Frequently Asked Questions guide.
Click to Open Code Editor