With cyberattacks, ransomware attacks, and online fraud all on the rise, it’s important for everyone to understand the basics of cybersecurity.
However, I still encounter a lot of myths, misconceptions and general lack of understanding about some of the most common threats.
Debunking 5 Misconceptions About Cybersecurity
adobe stock
So, we’ve rounded up five of the most common myths about this subject that many consider to be highly technical, but in reality often requires common sense and caution. Dispelling some of these myths will ensure that individuals and organizations are better equipped to protect themselves against a growing number of threats.
Cyber defense is all about technical skills
When you imagine what the task of defending against cyber threats looks like, you might imagine someone sitting in a dark room scanning a monitor for signs of network intrusion. In fact, the majority of cyberattacks (89% according to his 2022 study by the UK government) involve social engineering, where attackers attempt to trick users with access into entering. Protecting yourself from these threats, not programming, system administration, or computers, requires vigilance, risk management, regulatory and compliance knowledge, and of course common sense. In fact, the most important element of cybersecurity often involves understanding the human element of these attacks. Because this is usually what criminals are trying to exploit.
Only businesses need to worry about cyberattacks
You might think that cybercriminals only target businesses and wealthy individuals, but this is a big mistake. Thousands of attacks are launched against individuals every minute, many in the form of phishing attacks that attempt to leak sensitive information that can be used to access computers and accounts. Other attacks that commonly target individuals include attempts to plant viruses or spyware on computers, and keyloggers that monitor keystrokes to collect passwords, credit card numbers, and bank account details. Another emerging threat that commonly targets individuals is botnets. This involves hackers hijacking hundreds or thousands of computers and harvesting their power to carry out power-intensive but profitable activities such as cryptocurrency mining. will be In all these cases, cybercriminals often prefer to target individuals rather than businesses. This is because they are unlikely to take measures to detect and prevent attacks.
It’s only the IT department’s responsibility
It’s probably understandable that in the past, an organization’s employees simply expected IT to take responsibility for protecting them and the company as a whole from cyberthreats. Today, with threats far more diverse and less focused on technical attacks, everyone has a responsibility to stay vigilant and have a better understanding of safety and best practices. In the boardroom, cybersecurity should be a fundamental component of business strategy. Essentially, even regular employees should understand the importance of day-to-day cybersecurity, such as avoiding phishing attacks, using strong passwords, and keeping data safe while working outside the office.
All you need is a strong password, firewall and antivirus
While these are important, there is a common misconception that if individuals follow these basic steps correctly, all will be well. Taken together, these three measures form the basic building blocks of the technical elements of cybersecurity. You can think of these as the front door, wall, and guard dog of your digital house, respectively. Brute force attacks and social engineering techniques are routinely used to circumvent supposedly secure passwords, meaning other factors such as multi-factor authentication (MFA) are essential. Firewalls, while essential, are not impregnable and, like antivirus, must be constantly monitored for breaches and kept up to date. And of course, if you, or anyone else with access to your system, ignores the human factor discussed earlier in this article and simply gives the attacker the key to infiltrate themselves, they becomes worthless.
Cyber attacks are external threats
Media reports often focus on criminal gangs attacking victims from a distance. Unfortunately, this obscures the fact that research suggests that up to 75% of cyberattacks are actually conducted internally.
Insiders have been given a degree of trust within an organization where appropriate and typically also have knowledge of internal systems and processes that can be used to circumvent security measures. Mitigating these threats can be a delicate business for obvious reasons. Demonstrating a lack of trust in staff or introducing overbearing surveillance measures can have as damaging consequences as any other cyberattack.
But disgruntled employees and internal sabotage are just the beginning of the story. It is also believed that bad habits and habits related to cybersecurity have been picked up while working from home due to the pandemic, putting the organization at even greater risk.
Again, education and instilling a level of vigilance across the workforce is key to addressing this misconception.
Be sure to subscribe to stay informed about new business and technology trends. my newsletter,follow me twitter, LinkedInand YouTubeAnd check out my book.Future Skills: 20 Skills and Abilities Everyone Needs to Succeed in the Digital World‘ and ‘real business trendswon 2022 Business Book of the Year.
follow me twitter or LinkedIn. check out my website or my other work here.