Headline news is what most of us use to gauge the state of cyber security. After all, it’s what we see, hear, and think about. But the headlines (by nature) only capture the most sensational, eyebrow-raising stories of data breaches, malware attacks, ransomware, and other Internet threats. The majority of real-life incidents occur quietly, in the deep, dark bowels of companies all over the world, and are often quite different than what we are led to believe by the news media and popular tech bloggers. Here are the real stories behind the headlines, and the myths you can stop believing now, if not sooner.
1. Myth: Retail Businesses are the Top Targets for Data Breaches
For all of the Targets, Home Depots, and Michaels we read about, there is an even greater number of healthcare facilities that fall under attack. While the demand for personal information (which we’ll discuss in a moment) is waning (due to an excess supply), demand for personal health information and identities is on the rise. Hospitals, hospital networks, and health care insurers are squarely in the crosshairs of hackers, particularly in the arena of ransomware.
2. Myth: Malware is the Primary Driver for Data Breaches
Most people believe that malware is the primary delivery system for data breaches, ransomware, and similar threats. Actually, the most common entry point is via phishing scams. Growing in intensity, frequency, and level of sophistication, phishing scams are often backed with careful social engineering attacks, which target specific people within the organization very effectively. It takes an enormous amount of training and ongoing vigilance to empower workers to be constantly on the watch for these types of scams, which give the intruder access to their login credentials, and therefore the keys to the virtual kingdom.
3. Myth: Firewalls & Antivirus are Your Primary Best Defense Against Data Breaches
Firewalls and antivirus software are designed to seek and block the known threats and cover the known vulnerabilities in software, operating systems, etc. However, with about a million (literally) new viruses, malware, and attacks launched every day, these systems have to be updated before the latest threats are detectable and preventable. That means that it can be days, weeks, months, or longer before a patch is developed to protect against any particular threat. By then, it will be too late for too many businesses.
4. Myth: Attacks by Outsiders Should be Your Primary Focus
While outside attacks still account for the majority of attacks, industry specialists warn of the growing threat from inside. Insider threats are the hardest to detect, prevent, and clean up after. Smart hiring and continual management can help protect you, along with good training practices to prevent the accidental breach. While not talked about a lot, being a good employer is your best defense. Be the kind of employer that nobody wants to see harmed.
5. Myth: Most Hackers are Just After Your Customer Data (PII)
Due to an overwhelming number of data breaches that have managed to make off with countless numbers of personally identifiable information on consumers, this kind of data isn’t in much demand on the black market. Hackers are increasingly after other targets, like credit card information (there’s also an over-abundance of this on the black market), healthcare info, financial data, proprietary data and intellectual property, and other high-value targets. Don’t assume your customer databases are the only thing in the crosshairs of a hacker.
In search of a more secure way to store your data? Try the Bigstep Full Metal Cloud on for size. Not only is it a safer alternative to DIY cyber security, it’s also a whopping improvement in performance. See our products here.