Corner OfficeExpert OpinionSecurity

Separating Fact from Fake: Busting Common Cybersecurity Myths


By: Neelesh Kripalani

At a time when news of ransomware attacks, phishing scams, and data breaches have taken over the world, cybersecurity is one of the top priorities among businesses and end-users alike. Data from the National Cyber Security Coordinator shows that everyday across India there are almost four lakh pieces of malware found, and 375 reports of cyberattacks. In 2020 alone, India saw a 37% increase in data breaches and cyberattacks, keeping IT departments on their toes working around the clock to combat these threats.

In such scenarios, preparedness is paramount, to ensure business continuity. One of the key ways to ensure this preparedness is through awareness about the threats cyberattacks pose. When we talk about awareness, we emphasize the need for the right awareness, and clarity between what is real and what is fake. Within the cybersecurity realm, there are a lot of misconceptions, and hence it is vital to bust the myth and separate fact from fake.

Myth #1: We’re too small, it can’t happen to us
Fact: You are never too small to be attacked

Cyber criminals often shoot in the dark, hoping to get lucky with a big ticket target. During their scans for vulnerable systems, they launch multiple attacks at random. So while you may not be the intended target, you have become collateral damage in the process. Hence, being proactive about your cybersecurity and defences is critical, no matter how small your network might be.

Myth #2: Anti-virus or Anti-malware is enough to secure my business
Fact: Your entire IT infrastructure cannot be secured by an Anti-virus or Anti-malware

While Anti-virus and Anti-malware products do provide you with some degree of protection, a robust defence mechanism requires a lot more. Organisations should look to adopt a comprehensive cybersecurity architecture that encompasses incident report plans, employee training, and insider threat detection, among other aspects.

Myth #3: We’ve a strong password policy, we’re safe
Fact: Having a strong password policy is just the starting point

Having stronger passwords in place does ensure that it is more difficult for hackers to enter your network, and might even lead to them giving up in frustration, but it is not enough. Several steps need to be taken to ensure a multi-layered defence strategy is in place. To this extent, a logical move would be to deploy two-factor authentication for all accounts to prevent misuse.

Myth #4: Cyber threats always come from external sources
Fact: Cyberattacks may knowingly or unknowingly be launched from someone on the inside

Contrary to popular belief, cyberattacks are not only launched by hackers sitting in a remote corner of the world. Attacks can also be launched by disgruntled or ex-employees or even users who are unaware of their actions and its implications on a company network. Hence, it is important to conduct regular cybersecurity training for employees to educate them on the risks and how to identify a scam in the making.

Myth #5: Cybersecurity involves huge financial investments
Fact: The downside cost of a cyberattack is greater than the cost of cybersecurity

While cybersecurity solutions do require certain investments and financial commitments, organisations need to understand that losing data and the recovery process can cost much more than your investments.

The above myths are just a glimpse into some of the misconceptions users have about cybersecurity, which leads to ignorance and unfortunate incidents. Knowing what is real and what is not, is the first step towards a safer cyberspaces and ultimately reducing the number of threats and attacks that take place.

(The author is Senior VP & Head- Center of Excellence – Clover Infotech and the views expressed in this article are his own)

Leave a Response