The greatest battle for cyber security experts may not be hackers. It may be convincing business owners that using antivirus is not enough to protect their devices and network anymore. Ten years ago when attacks were not as sophisticated as they are today. Antivirus maybe a viable option. Today, if a hacker have trouble getting on your network. They can spoof and phish until you or someone from your company click on a malicious link. Yes, it’s that easy for cyber criminals today. Here’s an article from Forbes William H. Saito a contributor writing about 10 Cybersecurity myths that must be busted. I find this to be true when I speak to business owners.
“You’ll never get attacked or breached. This kind of thinking – that it will never happen to me – is almost a guarantee that it will. It’s equally unwise to have total confidence in the strength of one’s security and especially one’s security devices. There’s no such thing as perfect security – the key here is resilience. That’s the ability to take a hit and keep going, or in certain cases failure, to default to a protected state. You should architect security with a prevention-first mindset, and also view attacks as an opportunity to learn about vulnerabilities and grow stronger based on that knowledge”.
“Using antivirus software is enough. AV might have worked in 1997, but 20 years later it sure won’t. Hackers have found multiple ways to subvert antivirus software and hide their own attacks in a system, in many cases for an average of six months. With the advent of ransomware, the time frame from infection to damage has become almost instantaneous. In today’s world of quick and persistent threats, a prevention mindset to mitigate both known and unknown threats is essential. AV is terribly outdated”.
“Protecting yourself is good enough. Organizations must be aware of others in their community and how they’re acting when it comes to cybersecurity questions. Some of the biggest headline-grabbing breaches of recent years involved third parties or organizations subordinate to the entity that was hacked. Everything in your ecosystem, from subcontractors to subsidiaries, vendors and accounting firms, can be a threat vector. Security is only as strong as the weakest link, and sometimes that weak link is beyond your four walls”.
Please read more about this article here:
Educating the differences between Information Technology (IT) and Cyber Security is a great place to start for business owners. Knowing the differences will save them a huge headache. Because if these myths are not busted, American business owners will be like fish in a barrel to hackers.
So, what the differences between Information Technology (IT) and Cyber Security?
Information Security/IT Personnel:
Install new devices, create and maintain user’s policies, password recovery, hardware and software upgrades on devices and maintain website and firewall rules. These are some of the core responsibilities for an IT professional. There may be additional tasks based on the organizations needs.
Cyber Security Personnel:
Cybersecurity understand how hackers can change, intercept or steal transmitted company’s data within your local network or anywhere over the internet. They can deploy software or hardware to block or prevent unauthorized access of transmitted data. They are also known as an “Ethical Hacker” or Penetration Tester. They use tools to find holes or exploits on your cloud backup, devices, firewall or local devices on your internal and external network before hackers do and repair them.