4 Cybersecurity Myths, Debunked

By Joe Gillis, VP of Sales, GVC - 20 Aug, 2018
Physical Security

Did you know that almost 90% of all cyber-attacks are the result of human error?

Yet, people still make mistakes like leaving their computer screens unlocked on their desk or writing their passwords on a post-it note stuck to their computer monitor. Even breaches with no easily-traceable “real world” element may occur as a result of human beings not putting the right cybersecurity measures in place.

It doesn’t help that there are many myths surrounding cyber-security, which leave people unsure about the right steps to take to protect themselves and their devices. New Era Technologies debunks several cybersecurity myths so you can better protect your organization against cybercriminals and hackers.

Myth #1: Changing your passwords frequently will help stop hackers.

Security experts used to recommend changing passwords at least once every few months. If someone gained access to your accounts and wanted to monitor your actions or communications over time, they would find themselves locked out once you changed your password, minimizing the damage.

In reality, once a hacker gains access to a bank account or mission-critical company files, he or she will want to take action immediately and then get out before being detected.

Changing your password frequently might make it easier for cybercriminals to gain access to your network or your devices. If you have to change your password every few months, you are more likely to keep it simple and easy to remember, rather than using a strong password with a combination of letters, numbers, and special characters. You may also be tempted to write your password down, making it even easier for someone to steal.

By all means, change your passwords on all accounts if you suspect there may have been a data breach or if someone got their hands on your password. Otherwise, create strong passwords that are difficult for others to guess and consider using a password manager for added security.

Myth #2: Security doesn’t matter. After all, major organizations are regularly attacked and they have the best security available.

We’ve all seen the news. Credit reporting agency Equifax, Target, J.P. Morgan Chase, and even Amazon have all been victims of cyberattacks. If it can happen to these companies, which all use state-of-the-art cybersecurity and take the job of protecting their customers’ financial data extremely seriously, what hope does a small business have of protecting their IT systems?

Cybersecurity methods won’t stop every attack. The idea is to make it more difficult for hackers to breach your network.

It’s like using a home alarm system and placing a sign on your lawn warning burglars that you have an alarm. The goal is to make sure you aren’t the low-hanging fruit in your neighborhood, and that your home won’t be easy to attack. Likewise with your IT network and computer systems. Hackers often drive around looking for unsecured networks. Ideally, a hacker will notice that you have protections in place and move on.

Also, it’s critical to have software in place to detect attacks, so your team can stop them quickly and minimize damage.

Airline manufacturer Boeing was attacked by cybercriminals earlier this year. The company’s security protocols halted the attack after just a few hours, and production and delivery times were not adversely affected by the breach.

Myth #3: Anti-virus software is enough protection.

Almost worse than deciding not to deploy any security methods is determining that off-the-shelf virus software is enough security for your small business or large enterprise. The problem with using only anti-virus software as protection against cyber-crimes is that it gives a false sense of security. You may believe you are protected. But if you don’t keep your software up-to-date and supplement anti-virus software with malware protection, strong passwords, and firewalls, it’s almost like not being protected at all.

In addition to using robust security measures, which may include virtual networks and blockchain-type storage, restricting access can help prevent data breaches. By offering different levels of network access to different users and making data available only as needed can help reduce the risk of attacks.

It’s also critical to have a disaster recovery plan in place so your team can respond quickly when an attack occurs.

Myth #4: Your building’s physical systems are safe from cyberattacks.

As smart building systems, from lighting and elevator control to building locks and conference room AV systems, grow in popularity, the more risk there is of an attack. Cybercriminals can use IoT-connected devices as a gateway to the company network and mission critical data. To protect against this, ensure your smart building systems reside on their own secured network.

But that won’t stop a breach of the systems themselves.

Healthcare providers and medical manufacturers have already begun finding and patching vulnerabilities in smart medical devices, from heart monitor implants to insulin pumps. The risk is just as real in other smart technology systems.

For instance, cybercriminals who gain access to a building’s smart systems could send elevators to a grinding halt, turn off lights, or make boardroom AV systems go haywire prior to a big presentation.

To protect your building, ensure that all your smart devices are running the latest software, with all patches installed, and are on a secure network. Using 24/7 remote monitoring and support can also give you peace-of-mind that your building’s smart systems are secure and that any breaches can be detected and fixed promptly.

Staying up-to-date on the myths surrounding cybersecurity and working diligently with a managed services provider to ensure you are following IT best practices can help keep your company from becoming another cybersecurity statistic.

Author: Joe Gillis, VP of Sales, GVC

Joe Gillis, a graduate of Loyola University, began his career with FTG Technologies, a New Era Technology company, in 2010 as an Account Executive. After proving his skills in team-building, client interaction, and developing strategic relationships, he was promoted to Sales Manager in 2012. Today, Joe continues to lead the sales team and serves as a member of the senior management team. When Joe isn’t leading the sales team he enjoys time with his young family and is an avid golfer. Prior to joining FTG, Joe worked for the PGA Tour within Tournament Operations.