The world is full of commonly held beliefs that happen to be completely false:
- We only use 10% of our brains.
- Electric cars are more likely to catch fire after a crash than conventional cars
- Sugar makes children hyperactive.
- Napoleon was short
- A child’s birth date can have a negative impact on learning
Likewise, the cybersecurity industry has ample number of myths that are extremely easy to believe and equally hard to dispel. With over 51% of the world’s population online our dependency on technology grows, increasing the need for a cyber safe world.
The U.S. Department of Veterans Affairs experienced a breach of 26.5 million data records of veterans and their families when an employee managed to take home unencrypted data without having the permission to do so. The cost of recovering the data was estimated to be between $100 million to $500 million.
Although the protection of data is viewed as a cybersecurity issue, in situations like the one mentioned above, physical security ought to have been a part of the security plan. In fact, physical security and cyber security ought to work hand in hand as nearly everything is connected electronically — the elevator in your office, electronic door locks, smart house devices, and much more.
Although cybersecurity deals with safeguarding technological advancements, it does not depend solely on using tools to safeguard a system. While having access to the latest devices and updates is a boon, it is even more important to have people who are able to keep up with the times and follow a proper methodology.
Many companies actually recognize the importance of things like awareness training programs for employees and expenditures for such initiatives are expected to reach $10 billion by 2027. Cybersecurity is a forever developing industry that requires constant, vigilant attention to ensure that technology and personnel are updated. Simultaneously, the procedures and policies of the company must be continuously updated.
Most companies make the lethal mistake of implementing a strategy and never looking back at it until the following year or until there seems to be a breach in security. In fact, 48% of organizations still believe that cybersecurity is a job for the Chief Information Security Officer and does not require board member involvement. With advancements in artificial intelligence, it is highly possible that hackers will soon, if they aren’t already, be using this technology to create perfect phishing mails.
This means that there is a high possibility that you might receive an email from “your colleague” in the same style and language that they generally use, sent by a phisher. You will likely open it with the impression that it is from your colleague.
Someone who is not sharp-eyed and alert could be a victim of a malicious attack with one simple click.
You may not have saved any sensitive data on your system or email account, but it is highly possible that your account has been linked to nearly every other account— social and personal— that you have.
Truth be told, once a hacker has your password, it is extremely easy for them to access other accounts of yours as over 80% of people reuse their passwords on various other accounts.
Even basic information from conversations or photographs can give cyber criminals the upper hand.
It is important to ensure that everything, from your own system to a third-party network or system, is safe and protected. Third-party breaches have become a major issue for companies over the years, leading to huge data breaches across the globe.
Even a simple email sent to a third-party vendor containing sensitive data can be used maliciously if the vendor does not possess proper security. This is why it is important for organizations as well as individual users to keep in mind that third party entities could be the weak link in their security strategy.
At the end of the day, it comes down to the importance of organizations and individuals recognizing that cybersecurity is not the work of a single person but the collective efforts of everyone accessing cyberspace.
EC-Council University focuses on educating individuals and arming them with both the knowledge and skills that companies need to protect their organizations. Another common myth faced by individuals that wish to embark upon a career in cybersecurity is that they need to code or be IT experts. That in fact is just one more fallacy for the list!