October 15 2021
At Secarma, we’re passionate about security. That’s why, as part of Cybersecurity Awareness Month 2021, we’ve written this blog post debunking some common cybersecurity misconceptions.
Unfortunately, you can’t simply do one security assessment and become complacent. Penetration tests are a great way of evaluating your security posture and identifying vulnerabilities so that you can remediate them before they’re exploited by attackers, but they’re a point-in-time assessment. Between evolving threats, employees leaving and joining the company, and updates to your organisation’s systems, things are constantly changing and your security testing needs to account for this.
You should tailor your security testing to fit the frequency and nature of the changes your organisation goes through if you want to stay secure.
Watch the video here: Cybersecurity Misconceptions: “We’ve had a penetration test so we’re secure.”
Security is sometimes seen as nothing but a cost, but it can have a solid return on investment. With security testing, investing in finding and remediating your organisation’s vulnerabilities means that, should a threat actor try to attack your organisation, those vulnerabilities won’t be there and the hacker won’t be able to leverage them. Thus, the overall impact is reduced, which lowers the recovery and clean-up costs.
Security doesn’t have to be a barrier. Certain measures, such as password managers, have a convenience factor. When employees are less likely to forget their passwords, that’s less spent in administrative overhead and less time wasted.
Overall, investing in security will help more than it hinders. Putting in that time and money now will save you more in the future, should a hacker target your organisation.
Watch the video here: Cybersecurity Misconceptions: “There’s no ROI with security testing.”
While at work you might have a security team and a CISO, that doesn’t mean you can forget about cybersecurity altogether. If you use technology and the internet in your personal life, you need to know at least the basics of cybersecurity. With the types of information being shared when you use services like online banking and make payments over the internet, you’re at risk of falling victim to cyber attacks. Using strong passwords, recognising malicious emails, and being careful about how you use the internet are all things that can help protect your information.
Everyone with a digital presence should worry somewhat about cybersecurity, and it doesn’t have to be a massive chore. Simple changes, such as using password managers and being careful when using public WiFi networks, can greatly reduce the risk and impact if you’re targeted.
Watch the video here: Cybersecurity Misconceptions: “Cybersecurity isn’t my responsibility.”
You might think that hackers would never target your organisation because it’s not interesting enough, but you have to remember that attackers have a huge range of motivations. It could be politically motivated attackers looking to leverage your social media platform to get a message out, or financially motivated attackers targeting multiple organisations for small amounts of money, all adding up to a worthwhile amount.
No matter the motivation behind them, cyber attacks can damage your organisation in many ways: financially, legally, destroying customer trust, etc. It’s always best to beat the threat actors to it and secure your systems before they have the chance to attack.
Watch the video here: Cybersecurity Misconceptions: “My company isn’t worth hacking.”
Here at Secarma, we provide lots of different security services including penetration testing for those wanting to assess their security measures, and security awareness training for your staff. We also offer a variety of consulting services, like embedding a Virtual Information Security Manager into your organisation to help manage your security.