Using an antivirus is not enough to protect their devices and network.
The greatest battle for cyber security experts may not be hackers. It may be convincing business owners that using antivirus is not enough to protect their devices and network anymore. Ten years ago when attacks were not as sophisticated as they are today. Antivirus may be a viable option. Today, if a hacker has trouble getting on your network. They can spoof and phish until you or someone from your company click on a malicious link. Yes, it’s that easy for cybercriminals today. Here’s an article from Forbes by William H. Saito, a contributor writing about 10 Cybersecurity myths that must be busted. I find this to be true when I speak to business owners.
“You’ll never get attacked or breached. This kind of thinking – that it will never happen to me – is almost a guarantee that it will. It’s equally unwise to have total confidence in the strength of one’s security and especially one’s security devices. There’s no such thing as perfect security – the key here is resilience. That’s the ability to take a hit and keep going, or in certain cases failure, to default to a protected state. You should architect security with a prevention-first mindset and view attacks as an opportunity to learn about vulnerabilities and grow stronger based on that knowledge”.
“Using antivirus software is enough. AV might have worked in 1997, but 20 years later, it sure won’t. Hackers have found multiple ways to subvert antivirus software and hide their own attacks in a system, in many cases, for an average of six months. With the advent of ransomware, the time frame from infection to damage has become almost instantaneous. In today’s world of quick and persistent threats, a prevention mindset to mitigate known and unknown threats is essential. AV is outdated”.
“Protecting yourself is good enough. Organizations must be aware of others in their community and their actions regarding cybersecurity questions. Some of the biggest headline-grabbing breaches of recent years involved third parties or organizations subordinate to the hacked entity. Everything in your ecosystem, from subcontractors to subsidiaries, vendors and accounting firms, can be a threat vector. Security is only as strong as the weakest link, and sometimes that weak link is beyond your four walls”.
Please read more about this article here:
Educating the differences between Information Technology (IT) and Cyber Security is a great place to start for business owners. Knowing the differences will save them a huge headache. Because if these myths are not busted, American business owners will be like fish in a barrel to hackers.
So, what are the differences between Information Technology (IT) and Cyber Security?
Information Security/IT Personnel:
Install new devices, create and maintain user policies, password recovery, hardware and software upgrades on devices and maintain website and firewall rules. These are some of the core responsibilities of an IT professional. There may be additional tasks based on the organization’s needs.
Cyber Security Personnel:
Cybersecurity understands how hackers can change, intercept or steal transmitted company data within your local network or anywhere over the internet. They can deploy software or hardware to block or prevent unauthorized access to transmitted data. They are also known as an “Ethical Hacker” or Penetration Tester. They use tools to find holes or exploits in your cloud backup, devices, firewall, or local devices on your internal and external network before hackers do and repair them.