Cybersecurity is without a doubt one of the hottest topics within the world today. It represents both an exciting new frontier and ominous new threat for companies and government entities across all industries, and is growing more and more important by the day. Unfortunately, as is often the case with new technologies and responsibilities, misinformation about cybersecurity runs rampant. Unfamiliarity with the nature of cyberthreats, lack of knowledge of its tools and best practices, and confusion about where management fits in terms of creating a solid infrastructure are all common pitfalls when seeking to create a solid security posture. Here are some common misconceptions and how you can help your company avoid the pitfalls of misinformation in the new age of cybersecurity.
Fiction: Only the biggest, most well-known companies are targeted by hackers
Fact: While 2015’s cybersecurity headlines were dominated by big-name breaches like Home Depot, Sony Pictures, and Ashley Madison, small businesses suffered the vast majority of cyber breaches. The Ponemon Institute reported that 76% of cyberattacks in 2015 were inflicted upon businesses with less than 500 employees. These include firms in retail, law, insurance, and healthcare. Hackers target smaller firms with confidence, betting on their relative lack of security knowledge and awareness. Simple phishing campaigns seize passwords and financial information from unsecured emails and severs, putting organizational as well as consumer information in serious danger.
Fiction: Cybersecurity is an IT staff responsibility
Fact:Gone are the days where cybersecurity notices are simply forwarded to the head of organizations’ IT departments; cyber threats are now a top concern for board members, IT staff, and employees alike. According to Forbes, unmitigated IT risk cost U.S companies over $5 trillion last year—one third of the country’s GDP. Unprotected information was one of the reasons behemoths like Nortel and American Superconductors were forced into bankruptcy, serving as haunting anecdotes on the need to protect data. Even the responsibility of dealing with the brunt of an attack can be unclear. Communication must radiate from the board members to management to the employee base in the event of an attack. Cybersecurity training is now a must. A collective effort is necessary to create a healthy organizational culture that promotes security awareness and preparedness from the top-down.
Fiction: Better tech=better cybersecurity
Fact: While revamping internet firewalls and mandating company-wide password resets are positive steps to take in creating a healthy security posture, the integrity of the business will remain at risk if employees do not take personal steps to secure their share of information. A successful security infrastructure is more than just preventative technologies. It includes a company-wide mentality that places value and priority on its stored and transferred information. In an age where attackers create increasingly sophisticated methods of subverting protective software, a diligent and aware staff can make all the difference. Again, investing in a quality cybersecurity training program for your staff is perhaps the most important step in protecting your business from attack.
WCG helps businesses, governments, and education institutions of all sizes create long-lasting security infrastructures. Our primary goal is to reduce our clients’ vulnerabilities to cybersecurity threats. WCG provides a vast selection of cutting-edge network and security solutions, in addition to IT governance, risk management, cybersecurity training and compliance services that are conducted by certified consulting and technical teams.
Ensure that your organization does not become victim to a major cyberattack this year. At Wilson Consulting Group, your security is our priority.