October is National Cyber Security Awareness month. After starting in the USA we are seeing growth in the acceptance of a month of security across Africa. This really got me thinking about what it entails to have a month dedicated to cyber security.
As with any “awareness month” campaign, it is to bring cyber security to the forefront of your conversations and get you thinking about all things cyber safety, it’s about wanting to learn more about it and seeing where you or your organisation can set a good example, implement more practical cyber security protocols and take a moment to think of how different your environment is since partnering with cyber security professionals and how you could work together to beat the evolving cyber-attacks and breaches that occur.
In honour of the month, I thought it would be a good Idea to shed some light on a few misconceptions that there is surrounding cyber security, ones even I myself had.
- If you don’t click on suspicious links or visit dangerous websites, you are definitely safe
It is not only about the click. Hackers will take advantage of weaknesses in browser related technologies. Out of date and old applications can make your browser your biggest vulnerability. What may seem like a safe site could already be infected and in turn your environment becomes breached. This is why having a multiple layer defence program in place is critical. The ways you can get breached are no longer as obvious as you would think.
- Our systems are not connected to the internet which means no risks
Inside threats are a major cause of data breaches. Users working within your firewall, plugging in external devices or connecting personal data cards. Infected USB’s and malicious insiders sharing or stealing confidential information are just a few ways in which a breach can occur. Just because your systems are not connected to the internet doesn’t mean you will not be compromised. You cannot manage what you cannot see.
- Using antivirus software is sufficient
Antivirus software is only one layer in a multi-layered security program. This is no longer good enough as a protection mechanism. With evolving attacks, it is not sufficient on its own. Cyber criminals have found numerous ways to disrupt antivirus software. Most new malware strains only are detected weeks after compromise. By that time your network is already in trouble. Ransomware attacks can be immediate. You need to have preventative measures in place for known and unknown threats.
- Digital and physical security are entirely separate
In today’s hyper-connected world, more and more devices are getting connected and being controlled digitally. From the public transport systems, lifts in your building to the coffee machine in your home. If there is no level of security on these connected devices, cyber criminals can modify the device software to cause physical damage or inconvenience and they can steal data from your home appliances that are connected to the internet.
- Ensuring that YOUR protection is sufficient
You need to be aware that if others in your community do not take cyber security seriously or are unaware of the risks. This means that they will not have the correct platforms in place. Even if you have the most sophisticated system, trusted third parties can be the source of your breach. You need to ensure that everything in your supply chain has the same level of protection that you require. Implementing discussion groups across your supply chain or engaging a cyber security specialist, like J2 Software, will help you gain the required visibility you need from top to bottom. If you don’t, you could be in major trouble.
- We don’t have budget for Cyber Security, it’s just a form of defence anyway
This is no longer valid. Not spending money on cyber security and resilience is far more expensive in the long run. The average cost of a data breach in in the tens of Millions. Can your business afford this loss? Cyber security needs to be seen as a strategic advantage since it can boost productivity and save money. It’s important for protecting your organisation and it will enhance your reputation because you show your customers that their data is safe with you. Stop thinking of cybersecurity as simply an expense and understand it’s worth and that it empowers your business.
I hope this helped to bust some myths surrounding cyber security and once again enforce the thinking that you and your environment NEED cyber awareness every month – not only in October.
Get in touch with us and we can help you make your organisation a safer and more productive place.
With us, every month is Cyber Security Awareness month!
Let’s get real.
Olivia Hannah Coetzee