Busted! Cybersecurity Myths That Are Not True

As the interest in online safety grows, so too does the conversation surrounding this important topic. However, even now, in the age of information, there are still a few baneful myths about cybersecurity swirling around the interwebs.

Cybersecurity concerns are poised to take the front seat this year as data breaches, ransomware attacks, and malware hacks are at an all-time high. Many small and medium-sized businesses are looking to adopt safer practices, but misinformation and inexperience make this a big obstacle. Others still don’t realize how precarious their situation is and do the bare minimum to keep their systems safe.

The truth is:

Everyone’s a target. No matter the size of the company nor the industry they are part of. Cybercriminals are pervasive and determined, and they will employ highly effective techniques to get what they want. Which is why believing cybersecurity myths can be much more harmful than helpful.

Read on to find out which cybersecurity myths refuse to die and why it’s a good idea to ignore them.

It is therefore immensely important to have a conversation about effective cybersafety techniques, which begins with identifying the myths that contradict them.

6 Cybersecurity Myths and Their True Counterparts

Here are the 6 biggest cybersecurity myths being shared around right now, along with the facts.

1. The Myth: Having a strong password keeps hackers out

    The Truth: Strong passwords are mandatory, but not enough

Everyone preaches about the importance of a long, and complicated password, yet passwords are compromised every day. Hackers have ingenious ways of finding passwords – especially if they’re being reused across multiple accounts.

Instead, a secure account lies in a multi-layered approach.

Choose a strong password and then set up two-factor authentication along with that. This will help keep attackers out even if they got hold of a password by adding a verification step to the process.

2. The Myth: It’s up to the IT person/department to maintain cybersafety

    The Truth: Everyone is responsible for keeping the company safe

Even if a company has someone monitoring the servers and systems full-time, they aren’t omnipotent. Every employee has a stake in keeping their own devices safe by following cybersafety rules and policies. This is why it’s important to have those policies in place. Also, make sure that employees are trained up enough to recognize any risks or risky behavior.

3. The Myth: Small businesses aren’t big targets

    The Truth: They make up the biggest percentage of targets

There’s still an air of indifference wafting around plenty of businesses thinking that they’re immune to hackers’ grand plans. Either because they’re “too small” or don’t have any valuable data to steal. What they fail to realize, however, is that any data is valuable to a hacker.

The personal identities of employees or clients, credit card details, sensitive business documents – all of this can make a business a target. Plus, hackers know that even if the data isn’t useful to them, it is to the company. So they lock the data behind ransomware and demand payments, which can financially ruin any small business.

Another crucial facet to this issue is the fact that businesses don’t have funds to spend on advanced cybersecurity tools and teams. This, in itself, makes them bigger targets because they’re easier to breach.

4. The Myth: anti-virus software and the firewall will protect the system

    The Truth: Both are extremely important, but they won’t protect from everything

Anti-virus software helps keep known threats at bay, and a firewall protects from suspicious outside connections. Both are vital to a business’s security strategy, but they aren’t infallible. Far from it, in fact.

Again, businesses (and individuals!) can benefit from a multi-layered security approach. One piece of software isn’t going to cut it, but a few working together might deter a wannabe attacker. So instead of just sticking to these options, consider additional security software, like email encryption and virtual private networks (VPNs).

What is a VPN? VPN technology keeps a device – and network – safe by encrypting all of the data sent and received online (https://nordvpn.com/what-is-a-vpn/). That data goes through a secure VPN server first, which replaces the IP address of the device in use. All of that technical lingo means that a hacker won’t be able to snoop in on what’s being sent or received. And they won’t know who’s doing it either.

5. The Myth: A person will notice right away if their computer is infected

    The Truth: Malware, viruses, and attacks are generally hard to spot until it’s too late

Gone are the days of pop-up ads clueing users into the fact that they have a malware problem. Hackers have evolved quite a bit since those first attempts and are now taking a much more stealthy approach. Most users probably won’t even know they have malware on their system unless they’re actively looking for it. And know where to look.

It took Marriott International 4 years to realize they’ve been breached, for instance, and they’re a large company with access to experts. So don’t just assume that it’s safe because operations are running normally.

6. The Myth: A business can be completely secure

    The Truth: There will always be a new threat. Businesses have to keep adapting.

No one catch-all solution exists that will keep a business secure indefinitely. Cybercriminals keep adapting their methods of infiltration and companies have to keep adapting their cybersecurity defense mechanisms, too.

Think of it in this way:

A company can’t lock their doors for one day and say it’s safe forever. Employees keep walking through the front door, bringing security issues with them. Plus, criminals might not even bust through the front door at all. They could pry open a window in the back.

The same goes for cybersecurity. It’s an ongoing process, and owners/managers need to keep evaluating their systems for vulnerabilities and updating cybersecurity contingency plans.


Ignoring cybersecurity best practices can result in catastrophic consequences. But it’s vital that businesses know what those best practices are – believing the myths won’t protect anything. Taking care of workplace cybersafety will take time and resources, but it’s wholly worth the effort. These days, a business’s digital safety is synonymous with their physical safety. Both are equally important and deserve the same attention and caution from owners and employees.

Leave a Comment