7 Cyber Security Myths That Will Make You Laugh (Or Cry)
16 August 2017 15:24
Full of tech jargon and bands of enthusiastic followers, cyber security is often labelled as some sort of geek cult for the IT world. But cyber security affects us all, and some of the most damaging myths are putting us at risk. So, now's the time to clear them up!
#1 “Hacking is exactly how it looks in the movies”
If you’ve never seen a Hollywood-esque hacking film, we’ll give you a quick run through of them all: A montage of a man typing furiously in front of 5 monitors is covered by intense, rapid music. Sweating profusely, the timer comes agonisingly close to zero… he’s not going to make it. But...hold on a sec...HE’S IN! 0.1 seconds left on the clock -- time to celebrate.
Now, maybe if you’re hacking into The Matrix then that might be a pretty accurate portrayal. But cyber criminals targeting businesses in the real world actually require much fewer resources -- and have much more time. A collage of screens isn't needed, one laptop would suffice. Ultimately, it takes much less to hack into a system than the movies might make out.
#2 “I would never be a target, I don’t have anything worth stealing!”
It’s no secret that one of the most difficult parts of creating a security-minded workforce is trying to ingrain the fact that we’re ALL a target. For a lot of lower-level employees, there’s a tendency to believe that only IT, Finance or board members are the ones at risk. But we all have valuable data (be it personal or corporate) that cyber criminals have the potential to make some serious money from.
The internet was intended to share information, and that’s exactly what it does -- but at a cost. If the information is put onto the web, or even stored on any device capable of connecting to the internet, then that data can be accessible to anyone. Encrypting information, whether stored or in transit, is key here.
#3 “Cyber criminals only go after the big guys”
You might not be laughing at this myth, but a hacker sure will be.
As a small to medium-sized business, there’s good logic in believing that cyber criminals would rather target the Googles and Facebooks of the world, where the prize is much higher. But the fact that SMEs have fewer resources is actually exactly what makes them a more attractive proposition. After all, they’re less likely to protect themselves, making them an easier target to breach.
Customer and client information, as well as employee information, are all at risk. There’s even the possibility of finding a way into the systems of a customer whose systems are linked through e-commerce, email or in some other way.
But the myth that SMEs are immune seems as strong as ever, with only 9% of UK SMEs having insurance in place to protect from a cyber threat, despite the fact that 28% admit they would go bust if faced with an unexpected £50,000 bill.
#4 “Cyber security? That’s IT’s job”
There’s no doubt that cyber security has a large focus on implementing technical controls when safeguarding information. But humans are seen as the “weakest link in the chain” for good reason. Whether intentional or accidental, employee actions are the biggest cyber security risk.
So rather than cyber security been brushed under the remit of IT, it’s time for department leaders to tackle the issue together. Encouraging all users to undertake security awareness training is needed now more than ever. Securing customer and client data is the duty of every user, not just one for the IT folks.
#5 “Hackers are just teens living in their parent’s basement”
In big contrast to the movie version of a hacker, there’s another pretty damning perception that floats around. That’s the belief that a hacker is someone who stays up late at night, doesn’t leave their house, is socially inept and has some kind of grudge against humanity (...ouch).
The fact is, most cyber criminals lead a pretty normal life. They wake up early, go to work, and socialise in public spots. In today’s world of ever-advancing technology, it’s not that rare to have IT-related hobbies. You never know, a hacker could be someone sitting next to you asking for a hot-spot connection (not that we’re being dramatic).
#6 “Being cyber secure is all well and good, but it’s too expensive!”
Another one for the hackers to have a chuckle at. Now, cyber security spending has increased for a lot of organisations, but there’s still a lot of businesses underspending (or avoiding it completely). Of course, there are some hugely expensive solutions out there, but there are also various utilities which are affordable even for smaller companies.
In fact, considering the losses you may face if you suffer a breach through bad security practice, then the cost of implementing internet security is pretty cheap!
#7 “There’s no way I’ll get phished, I only open emails from people I know”
Like SMEs believing they’re less likely to be a target, there’s perfect logic in believing you're safe when only opening emails from known sources. That’s until you find out that you were tricked, and that the link you just clicked only appeared to be from someone you know.
Cyber criminals don’t just possess technical skills, they can also boast some impressive social engineering talent. Pretending to be someone close to a user, or someone who is likely to ask for valuable data from them (such as a HR or finance colleague), is becoming more common nowadays.
It’s important to raise awareness on the importance of protecting data when exchanging emails or messages. Certain information should never be shared over email, and unusual requests or behaviour should be flagged.