Let us dispel some common cybersecurity myths!
My business is too small to be a target
The Federation of Small Businesses reports that UK small businesses are targeted with over 10,000 cyber attacks every day, many of which are a result of cyber criminals believing that they are less secure. Many organisations believe that if they are a smaller business then they will not be a legitimate target for cyber criminals which can cause them to insufficiently invest in their cybersecurity provisions. However, cyber attacks can affect businesses of any size.
My data isn’t worth anything anyway…
Worryingly, a lot of businesses still operate with the belief that their data would not be valuable to a third party, which can cause them to leave their confidential information exposed. If your data is important to you, it will be important to them and so there is a risk that it can easily be exploited by hackers, stolen, encrypted or held to ransom.
Don’t cyber threats only come from external sources?
Insider threats are on the rise, both because of malicious intent and accidental human error. Therefore, it is important that you tighten their access and carry out comprehensive and frequent training. Many businesses focus their cyber security efforts on third-party sources and fail to adequately protect against internal threats.
What is Apex Zero Trust Software (apexcomputing.co.uk)
Antivirus software will be enough!
Long gone are the days where businesses could install antivirus software on their devices and be done. In the current, day-to-day cyber security environment, you need to implement a multi-layered strategy that protects your network and servers. Additionally, businesses need to establish back-up and disaster recovery measures to protect data. While antivirus software can be used as part of this approach, any approach needs to be multi-faceted as well as being aware of the dangers of relying on it as a sole solution.
I can spot any phishing attack!
One of the most common forms of phishing is a spear phishing attack – where attackers use intelligence about your business to make the email look bona fide and legitimate. A large percentage of attacks are done this way. They commonly ask for payment or urgent action for a convincing reason. Attacks may also spoof a legitimate email – for example, as though they were sent from a manager, the CFO or CEO.
Cyber security is down to our IT team, isn’t it?
One of the most common cyber security myths is that maintaining a strong security position is the responsibility of your business’ internal IT team or outsourced IT solutions provider. A business’ cyber security is only as strong as its weakest link so, it is vital that every member of a team has undergone training and knows how to help prevent and avoid attacks.
Think carefully about allowing staff to ‘Bring Your Own Device’. BYOD (apexcomputing.co.uk)
To discuss any cyber security requirements and training, contact us for a free IT health check