Even though the terms ‘cybercrime’ and ‘cybersecurity’ have been with us for a good while now, myths still abound.
Generally speaking, business owners and individuals alike still think of a cyber-criminal as a lone operator sitting in a dark room, with a hoodie over their head, plotting destruction.
The plotting destruction piece is correct.
But the cyber-criminal world is now made up of huge corporations – with all the power and resources at their disposal that huge corporations have. So far from being lone wolves, cyber-criminals are now part of multi-million dollar organizations.
And they have your business in their cross hairs.
That leads us to the first myth to bust.
Myth 1: Our business is too small to be of interest to cyber-criminals
Wrong.
One of the most attractive aspects about your business for cyber-criminals is the fact that you’re small. According to the World Economic Forum, small and medium (SME) sized companies make up 99% of businesses in the EU. Additionally, a new report released in early 2022 shows that SMEs are three-times more likely than large businesses to be targeted by cyber-criminals.
The European Union Agency for Cybersecurity (ENISA) states the following reasons why SMEs are a target for cyber-attacks.
- Low awareness of cyber threats
- Inadequate protection for critical and sensitive information
- Lack of budget to cover costs incurred for implementing cybersecurity measures
- Availability of ICT cybersecurity expertise and personnel
- Absence of suitable guidelines tailored to the SMEs sector
- Moving online
- Low management support
Myth 2: Our business is too big to be a target for cyber-criminals
Also wrong.
Are any of these names familiar?
- Yahoo (data breach 2017)
- LinkedIn (data breach 2021)
- Facebook (data breach 2019)
- Experian (data breach 2013 and 2015)
- Adobe (data breach 2013)
There have been others, but the list above gives you enough of an idea to understand that even global brands are at risk of cyber-attacks.
Basically, if you have data, you’re a target.
Myth 3: It’s easy to spot a cyber-attack
Cyber-attacks don’t show up as Dr Evil at the gates to your business demanding access to your servers.
- They show up as links in emails which look perfectly legitimate (phishing)
- They show up as links to websites that ask your staff to enter confidential information
- They show up as fake websites
- They show up as attachments
These are just some examples, but they show the insidious nature of cybercrime.
CISCO’s 2021 cybersecurity threat trends report said that 90% of cyber-attacks now come through email phishing scams.
Are you alerting your staff to cyber threats? And training them consistently to recognize phishing emails?
You should be.
Myth 4: Malicious software, or malware, affects computers and laptops only
No, smartphones, tablets and other mobile devices can also be susceptible to cybercrime attacks.
In fact, mobile devices now account for more than 60% of cyber-attacks.
Your mobile devices are often on the front line of your business.
That means they’re in the front row for potential cyber-attacks too.
Myth 5: Our data is safe; we use the Cloud
If only it were that simple.
It’s important to understand that the Cloud isn’t something in the atmosphere. Instead, the Cloud is a series of servers located physically somewhere. As a result, any data you store on the Cloud is not impenetrable. A cyber-attack can target this data as much as any data stored on your systems.
One of the most common ways to attack data on the Cloud is to send a phishing scam email to your staff. This scam would be designed to steal Cloud login details from your employee.