9 cyber security myths debunked – | #cybersecurity | #cyberattack


A good understanding of cyber security has become one of the ‘must haves’ for all businesses, but when it comes to advice – how do Gloucestershire businesses separate the ‘must-dos’ from the myths?

As part of SoGlos’s on-going #CyberGlos campaign, which celebrates the considerable expertise in the cyber sector in Gloucestershire and supports the county’s business community, we have put together the following article in the hope it dispels some of the commonly held security myths.


About the sponsors

Charles Russell Speechlys’ Cheltenham office advises regional, national and international clients ranging from multinational listed companies, government organisations, limited companies and partnerships to entrepreneurs, private individuals and their families and its dedicated technology team includes experts on data protection and cyber security.

Salus Cyber is a certified provider of world-class cybersecurity services, based in Cheltenham. It helps clients identify and manage their cyber risks proactively and effectively and is the cybersecurity partner of choice for industry-leading organisations throughout the UK and Europe.

The University of Gloucestershire is an integral part of the county’s cyber community. It was the first institution in the country to offer cyber security degree apprenticeships, and it has undergraduate and postgraduate programmes are helping to develop specialists in this field.


1. Small or medium-sized businesses are not the targets of cyber criminals

‘We are too small… nobody would be interested in what we do’ is a common refrain from many small and medium sized firms when asked about their cyber attack.

Experts will tell you quite the opposite. Smaller businesses often lack the sophisticated software or security team of big firms, making them an easier target for cyber criminals.


2. Passwords! We have strong enough passwords already

If you think your business has strong enough passwords and these alone will deter cyber criminals think again. Experts now advise ‘two-factor authentication’ as the order of the day. That means a password, and a second ‘identifier’.

Likewise, a single password is not enough to keep a Wi-Fi network secure. Good security if the sum of its parts. At a minimum staff should use virtual private networks (VPNs) to secure their connections.


3. We have never been attacked – so we must be safe

If you presume because your business has never been attacked it is because your security is so good, it is more likely because you are been lucky – so far. Cyber attacks are becoming more and more sophisticated.

Develop a strategy that allows you to react quickly to a security incident, mitigate any damage before it becomes significant and learn.


4. We are meet all the industry regulations – so we must be safe

While keeping up with industry regulations is a must, for your reputation and your security, you should not benchmark yourself against them as a measure of how good your security is.

They often only contribute a bare minimum to your business being safe. Carefully consider whether regulations cover the scope of your data and critical systems.


5. It is our IT department’s responsibility

Don’t put all the responsibility for looking after your business’s cyber with your IT department.

While the IT department will have the lion’s share of the responsibility, everyone in a business should play their part – not just to detect and deter but to report any suspected breaches too.


6. We only need to worry about keeping internet-facing applications secure

Securing internet-facing applications is a must, but they should not be the only focus for your business.

If one of your staff uses a flash drive which contains hidden malware, plugs in a phone or laptop usually used for personal use, your organisation could also face threats. It is about having a multi-layered approach to security and educating staff.


7. We don’t need to worry – our security provider has it under control

As good as you might think your third-party security provider is, they are not on their own. It is crucial that every business seeks to understand the security risks, develops policies and practices to keep it safe, implements them and reviews them regularly.


8. Our anti-virus and anti-malware software will keep us safe

If you do not have anti-virus and anti-malware software then you should get some, but do not rely on its to keep your business safe on its own. It will not protect your IT from every cyber risk.

A comprehensive cyber security plan must also include response plans and employee training – and this must be ongoing.


9. We have ticked every box above and are completely safe

If you have read all of the above and not got it by now, achieving good cyber security is an ongoing process. Just as criminals are developing their methods of attacking your business, so you must continue to adapt, learn and refresh what you do.

Continuously monitor, conduct internal audits, train, review security policies, and embed best-practice into your key business processes. Make this part of your company’s culture. It will make your business safer, customers and your suppliers safer and help protect your business.

This article is part of SoGlos’s #CyberGlos campaign, supported by Salus Cyber, Charles Russell Speechlys and the University of Gloucestershire, to champion cyber-related business stories in Gloucestershire. Visit soglos.com/cyberglos for more information.


Follow SoGlos on LinkedIn and sign-up to the weekly SoGlos business newsletter for the very latest Gloucestershire business news stories.

© SoGlos
Thursday 07 October 2021

(function (d, s, id) { var js, fjs = d.getElementsByTagName(s)[0]; if (d.getElementById(id)) return; js = d.createElement(s); js.id = id; js.src = "//connect.facebook.net/en_GB/sdk.js#xfbml=1&version=v2.4"; fjs.parentNode.insertBefore(js, fjs); }(document, 'script', 'facebook-jssdk'));



Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

four + six =