The 2024 Cybersecurity Skills Gap Global Research Report released by Fortinet has revealed that 50% of organisations in South Africa have experienced up to four cyberattacks over the past year, while 10% experienced nine or more. It likely that these attacks happen due to a lack of awareness and education around cybersecurity. Misconceptions can lead to complacency, making individuals and organisations more vulnerable to cyber threats.
Assupol’s Chief Information Officer, Keneilwe Gwabeni, has listed ten common myths and the realities behind them:
- Only big companies are targeted by cybercriminals
Myth: It’s easy to assume that only large corporations with vast resources are at risk of cyberattacks.
Reality: In truth, small and medium-sized businesses are prime targets for cybercriminals. These organisations often lack the robust security measures that larger firms employ, making them easier to exploit. According to studies, nearly 43% of cyberattacks target small businesses, illustrating that no one is too small to be hacked.
- Antivirus software is all you need for protection
Myth: Many believe that having antivirus software installed is a sufficient safeguard against cyber threats.
Reality: While antivirus software is a vital component of cybersecurity, it is not a complete solution. A multi-layered approach is necessary, combining firewalls, regular software updates, strong passwords, and user education. Cyberthreats are constantly evolving, and relying solely on antivirus software can lead to gaps in your defences.
- Cybersecurity is only the IT department’s responsibility
Myth: There’s a common belief that cybersecurity is solely the responsibility of the IT team.
Reality: In reality, everyone in an organisation plays a crucial role in maintaining cybersecurity. Employees must be trained and vigilant, as human error is a significant factor in many breaches. Promoting a culture of cybersecurity awareness among all staff members is essential for an organisation’s overall security posture.
- Public Wi-Fi is safe as long as you’re not accessing sensitive information
Myth: Many users think that public Wi-Fi networks are safe as long as they avoid sensitive transactions.
Reality: Public Wi-Fi is notoriously insecure and can easily be compromised by hackers. Cybercriminals often set up fake networks to intercept data. Using a Virtual Private Network (VPN) is critical to protect your information, even if you’re just browsing.
- Strong passwords are enough to keep your accounts secure
Myth: A strong password is often viewed as the ultimate defence against unauthorised access.
Reality: While strong passwords are essential, they are not foolproof. Enabling two-factor authentication provides an additional layer of security, making it significantly harder for hackers to gain access to your accounts, even if they manage to crack your password.
- Cyberattacks only happen to computers
Myth: Some believe that cyberthreats are limited to traditional computers.
Reality: Cybercriminals target a variety of devices, including smartphones, tablets, and Internet of Things (IoT) devices. Every connected device poses a potential vulnerability, making it essential to implement security measures across all devices.
- Once you’ve been hacked, there’s nothing you can do
Myth: There’s a perception that a successful cyberattack is the end of the line for an organisation.
Reality: While breaches can have serious consequences, organisations can take steps to mitigate damage, recover data, and enhance their security measures post-incident. Learning from the breach is key to preventing future incidents.
- Social media privacy settings are enough to protect you
Myth: Many users assume that adjusting privacy settings on social media platforms provides complete protection.
Reality: Even with strict privacy settings, oversharing personal information can expose you to risks. Cybercriminals can exploit the information you post online, making it essential to be cautious about what you share.
- Cybersecurity is too expensive for small businesses
Myth: Small businesses often believe that investing in cybersecurity is beyond their financial means.
Reality: Cybersecurity doesn’t have to be prohibitively expensive. There are numerous affordable tools and resources available to small businesses. Investing in cybersecurity can save you from the potentially devastating costs associated with a data breach.
- Email attachments from known contacts are always safe
Myth: It’s common to trust email attachments from familiar sources.
Reality: Even if an email appears to come from a trusted contact, it could still be a phishing attempt. Always verify unexpected attachments or links, regardless of the sender, to protect yourself from potential threats.
Cybersecurity myths can create a false sense of security, leaving individuals and organisations vulnerable to attacks. It is therefore important to understand and debunk these myths, in order to foster a more informed and proactive approach to cybersecurity. October is Cybersecurity Awareness Month, let’s commit to educating ourselves and others about the realities of cyber threats.