Cyber security is fundamental in today’s online environment, but its public face is chock full of scary images and statistics used to instil fear.
Here are eight unhelpful cyber security cliches, and why you should take the time to get educated rather than intimidated.
The fear, uncertainty and doubt of cyber security
1. It’s just like The Matrix
You’ve seen the movies; lots of ones and zeros, too much green and black. In reality, the cyber landscape does not look like this.
Advertising in cyber security is skewed, with businesses playing up to people’s fear, uncertainty and doubt (FUD). Don’t be fooled.
2. Cyber attackers all wear hoodies
One of the most common cyber security cliches. Large-scale hacks are unlikely to be orchestrated by lonesome teenagers living in their parents’ basement, wearing a hoodie.
The accessibility of hacking is something to consider, however. Free software and exploit kits have made hacking more accessible to a wider audience. That said, data breaches do still require levels of expertise most teenagers are unlikely to have.
3. All data breaches are “malicious”
Online communities often refer to security threats as “malicious” in nature. Hackers are characterised as malicious people, all conducting malicious work.
However, according to SC Magazine (July 2016), more than half of data breaches are caused by human error. Sure, maliciousness does exist, but it’s usually your uneducated employees who are falling for phishing emails.
4. Hacks take 0.23 seconds
If you’ve got a head on your shoulders, you’ll already have a line of defence in place, which will certainly slow down a data breach.
Unless your organisation is completely lacking in security infrastructure or security policies, the chances of being hacked this quickly are slim. It’s actually quite a slow game.
Once a hacker has got into an organisation’s environment, it takes on average 205 days for them to be detected.
5. Cyber crime costs £76.67 trillion a year
Okay – this figure is an over-exaggeration. But that’s the point. As with anything on the internet, you ought to take what you read about the cost of cyber crime with a pinch of salt.
Rather than fearing that your business will go bankrupt if hacked, you are better off taking the time to assess where your business may be falling short and ensure you stay one step ahead.
6. You can protect yourself by clicking a padlock
If you’re not looking at ominous pictures of hackers in hoodies, you’ll be seeing a person in a suit clicking a padlock. This image is the staple of cyber security countermeasures.
But countermeasures this is not. Security processes require time to set up, and the malleable nature of the industry means that staying informed is your biggest ally.
7. Who to believe?
Every technologically savvy enterprise will have their say on cyber security, but finding believable statistics is a challenge. For instance, one report in ZDNet found over four billion data records to have been stolen in 2016, while Gemalto’s Breach Level Index suggested the figure to be 1.4bn (2016 Breach Level Index).
Be wary of scary statistics published in tech magazines. Keep a level head, know the limitations of reports and surveys, and focus on learning what you can do to reduce risk.
8. Technology is the only defence you need
There is no accuracy to this suggestion. Large data breaches are unfortunately a common occurrence. By implementing employee training, security policies and routine check-ups, these breaches are less likely to occur.
As the academic Jeffrey Rosen says, “privacy is not for the passive.”
As these examples demonstrate, there’s a lot of misrepresentation, oversimplification and exaggeration out there. Cyber security cliches, beyond being somewhat annoying, can obscure and distract from the reality of today’s threat landscape.
At a time when protecting sensitive data is becoming more crucial and challenging than ever for businesses, it’s really important that we all see threats and risks for what they are, rather than as fear-mongering journalists and advertisers portray them.
With the incoming General Data Protection Regulation fast approaching, it’s never been more important to know what cyber security really means and looks like. Watch our GDPR webinar to find out what the regulation means for your business and how you should prepare.
Take our cyber security assessment to find out how your company’s current data protection strategy scores, and we’ll send you a tailored report with recommended actions for improvement.