Common Cybersecurity Misconceptions

cybersecurity misconceptions

Employees empowered with the resources and knowledge to protect your organization from cyber threats is one of the best lines of defense you can have. Let’s break down often-quoted cybersecurity misconceptions from CyberSecure My Business.

Misconception: My data (or the data I have access to) isn’t valuable.

All data is valuable.

Take Action: Do an assessment of the data you create, collect, store, access, transmit and then classify all the data by level of sensitivity so you can take steps to protect it appropriately.

Misconception: Cybersecurity is a technology issue.

Cybersecurity is best approached with a mix of employee training; clear, accepted policies and procedures and implementation of current technologies.

Take Action: Educate every employee on their responsibility for protecting sensitive information.

Misconception: Cybersecurity requires a huge financial investment.

Many efforts to protect your data require little or no financial investment.

Take Action: Create and institute cybersecurity policies and procedures, restrict administrative and access privileges, enable multi-factor authentication and train employees to spot malicious emails.

Misconception #4: Outsourcing to a vendor washes your hands of liability during a cyber incident.

You have a legal and ethical responsibility to protect sensitive data.

Take Action: Put data sharing agreements in place with vendors and have a trusted lawyer review.

Misconception: Cyberattacks always come from external actors.

Succinctly put, cyberattacks do not always come from external actors.

Take Action: Identify potential cybersecurity incidents that can come from within the organization and develop strategies to minimize those threats.

Misconception: New software and devices are secure when I buy them.

Just because something is new, does not mean it is secure.

Take Action: Ensure devices are operating with the most current software, change the manufacturer’s default password to a unique, secure passphrase and configure privacy settings prior to use. Just because something is new, does not mean it is secure.

Want to learn more about ICN’s security services? Contact one of our account consultants to get started. We have Managed Firewall, DDoS Mitigation, Incident Response, Penetration Testing, and Colocation experts available to answer questions.