Debunking The Top 5 Cybersecurity Myths
7 September 2023
At a time when cyberattacks, ransomware attacks and online fraud are all on the rise, it’s important that everyone understands the basics of cybersecurity.
However, I still come across a lot of common myths, misconceptions and a general lack of understanding around some of the most common threats.
So, here’s a rundown of five of the most common myths around a subject that many people see as very technical but, in fact, often involves common sense and alertness. By dispelling some of these myths, individuals and organizations can ensure they are better prepared to defend themselves against a number of growing threats.
Cyber Defense Is All About Technical Skills
When we imagine what the task of defending against cyber threats looks like, we might imagine someone sitting in a darkened room scanning a monitor to detect signs of intrusion into a network. In actual fact, the vast majority of cyber-attacks (89% according to a 2022 study by the UK government) involve social engineering, where an attacker attempts to trick someone with access into letting them in. Rather than programming, systems administration or computer science skills, defending against these threats involves alertness, risk management, knowledge of regulations and compliance, and of course, common sense. In reality, the most important element of cybersecurity often involves understanding the human element of these attacks – as this is usually what criminals hope to exploit.
Only Businesses Need To Worry About Cyberattacks
You might think that cybercriminals are only interested in targeting businesses or perhaps wealthy individuals, but this would be a big mistake. Thousands of attacks against individuals are launched every minute, often in the form of phishing attacks that attempt to get us to divulge sensitive information that can be used to access our computers or accounts. Other attacks that are commonly targeted at individuals include attempts to place viruses or spyware on computers and keyloggers that monitor keystrokes in order to collect passwords, credit card numbers or bank account details. Another emerging threat that commonly targets individuals is the botnet. This involves hackers hijacking hundreds or thousands of computers and leeching their power in order to run power-hungry but profitable activities such as cryptocurrency mining. In all these cases, cybercriminals often prefer to target individuals rather than businesses, as they are less likely to have measures in place to detect and prevent attacks.
It’s Solely the Responsibility of the IT Department
In the past, it was perhaps understandable that an organization’s employees simply expected the IT department to take responsibility for keeping them - and the company as a whole - safe from cyber threats. Today, as threats become far more diversified and less focused on technical attacks, everyone has a responsibility to be vigilant and to develop an understanding of safety and best practice. In the boardroom, cybersecurity needs to be a fundamental element of business strategy. Just as essentially, rank-and-file employees should understand the importance of everyday cybersecurity, such as avoiding phishing attacks, use of strong passwords, and keeping data secure while working off-premises.
Strong Passwords, Firewalls And Antivirus Are All I Need
While they are important, there’s a common misconception that if an individual gets these basic steps right, everything will be fine. Taken together, these three measures are the basic building blocks of the technical elements of cybersecurity – they can be thought of as the front door, the walls, and the guard dog, respectively, of your digital house. Brute force attacks or social engineering methods are routinely used to circumvent supposedly secure passwords, meaning that other factors, such as multi-factor authentication (MFA), are essential. Firewalls, though essential, are far from impregnable and, like antivirus measures, must be consistently monitored for breaches and kept up-to-date. And, of course, they are all worthless if you, or someone else with access to your system, ignores the human factors we have previously discussed in this article and simply give an attacker the keys to let themselves in.
Cyberattacks Are An External Threat
Media coverage often focuses on criminal gangs that attack victims from afar. Unfortunately, this obfuscates the fact that research suggests up to 75 percent of cyber attacks are actually inside jobs.
Insiders, out of necessity, are given a level of trust within organizations and also generally have knowledge of internal systems and processes that can be used to circumvent security measures. Mitigating these threats can be a sensitive business for obvious reasons – as showing a lack of trust in staff or implementing overbearing surveillance measures may have consequences that are just as damaging as any cyber-attack.
But disgruntled employees or insider corporate sabotage are just the start of the story. It’s also believed that bad cybersecurity habits picked up while working from home due to the pandemic have led to an increase in bad practices and habits that are leaving organizations further exposed.
Once again, education and instilling a level of alertness across the workforce is the key to tackling this misconception.
Related Articles
Generative AI And Data Protection: What Are The Biggest Risks For Employers?
If you’re an employer tempted to experiment with generative AI tools like ChatGPT, there are certain data protection pitfalls that you’ll need to consider.[...]
Building Responsible AI: How To Combat Bias And Promote Equity
AI has the power to be hugely transformative, both in business and in the way we live our lives.[...]
The 20 Generative AI Coding Tools Every Programmer Should Know About
It shouldn’t come as any surprise to learn that today’s generative AI large language models (LLMs) like ChatGPT and Google Gemini are just as fluent in Python, Javascript and C++ as they are in English, Spanish or Arabic![...]
Can Generative AI Solve The Data Overwhelm Problem?
Data is arguably the most valuable asset for today’s businesses.[...]
How Generative AI Will Change Jobs In Healthcare
Generative AI has the potential to change the way professionals work in every industry.[...]
The Crucial Difference Between AI And AGI
Artificial Intelligence (AI) is a transformative force that is reshaping industries from healthcare to finance today.[...]
Sign up to Stay in Touch!
Bernard Marr is a world-renowned futurist, influencer and thought leader in the fields of business and technology, with a passion for using technology for the good of humanity.
He is a best-selling author of over 20 books, writes a regular column for Forbes and advises and coaches many of the world’s best-known organisations.
He has a combined following of 4 million people across his social media channels and newsletters and was ranked by LinkedIn as one of the top 5 business influencers in the world.
Bernard’s latest book is ‘Generative AI in Practice’.
Social Media