As an advisor and consultant specialising in cyber security, I have come across many cyber security myths over the years! Here are 5 of the most common myths I have encountered and what I really think about them as a seasoned cyber vet.
Myth 1: "We have the best tech and tools and therefore we know we are secure"
Cyber Security is as much about people and culture as it is about technology.
Myth 2: "We are not a target for attacks because we are a very small company"
BUSTED: Cyber-attacks on SMEs have increased massively over the past 5 years. Small businesses can be a treasure trove for hackers and cybercriminals.
In fact, many SMEs have closed down business within 6 months of a major cyber-attack. Size does not matter for a hacker!
Myth 3: "Security is the responsibility of our IT Team"
BUSTED: Cyber Security has moved from the server-room and into the boardroom because cyber-attacks are increasingly impacting much more than technology - they can impact brand, reputation and customer trust.
Everyone in an organisation has a responsibility to contribute to keeping data safe and secure - not just the IT team!
Myth 4: "We are compliant with ISO27001 which means we are fully secure"
Sooo BUSTED: Adherence and compliance to regulations and/or frameworks is a big step towards cyber preparedness. However, this does not guarantee data security (even if it is ISO 27001!). Organisations need to take a risk-based approach so that they can capture the risks that are pertinent to their organisation (that may not be addressed in the regulatory compliance framework).
Yes, the annual training is a plus, though it can sometimes be seen as a tick-box exercise which has very limited impact on people's behaviour and mindsets.
As cyber-attacks increase in frequency and impact, it is important to understand that every organisation, big or small, is always a potential target for cyber-attacks. This is not a case of if, but when.
Interested in taking your cyber security seriously? Book a demo with our team at a time that suits you below.