Skip to content

Five Common Cybersecurity Myths for Companies in England

Table of Contents

Small and medium-sized businesses are increasingly being targeted for cyber-attacks. We live in an increasingly digital world which allows processes to be more efficient. However, digital progress and expansion come with the increased risk of cyber-attack on businesses in England. So more than ever, your company needs to focus on cybersecurity and ensure you do not expose your business to hackers and cybercriminals. This article will examine some common cybersecurity myths and what your business should do to protect itself from cyber-attacks. 

Why is Cybersecurity So Topical?

In recent years, the number of cyber-attacks on businesses in England has skyrocketed. This was partly due to the COVID-19 pandemic, which resulted in the sudden shift to staff increasingly working from home. Home working presented hackers with potentially weaker entry points into organisations.

Why Are Cybercriminals Targeting Businesses?

There are usually two primary purposes behind cyber attacks on organisations in England. The first type of attack is known as a ‘ransomware’ attack. As the word ‘ransom’ suggests, this locks the business owner and staff out of the IT system and demands payment for re-entry. The financial cost of these attacks, including the ransom amount and the loss of business while locked out of the system, can be substantial. Alternatively, your business may suffer a security breach. This usually involves cyber criminals attempting to steal sensitive and personal information from your business. Sensitive information can include passwords, employee information and bank details, which can enable theft of company funds, fraud and identity theft of staff members.

Given the significant consequences of suffering a cyber attack, let us explore five common cybersecurity myths so your business gives itself the best level of protection.

Continue reading this article below the form
Need legal advice?
Call 0808 196 8584 for urgent assistance.
Otherwise, complete this form and we will contact you within one business day.

1. Antivirus Software Alone is Enough

Having up-to-date antivirus software is a good starting point, but you must also implement other precautions. Using only antivirus protection is like locking your front door at night but not closing your windows. You have protected the main entry point, but others could offer opportunities for intruders.

Instead, you should focus on plugging other common cybersecurity risks by:

  • training staff on cyber threats regularly;
  • monitoring devices connected to your IT system and wi-fi network; and
  • limiting the use of personal devices within your server.

2. Data Theft Only Comes From Outside

Most cybersecurity issues are from external hackers. However, individuals and staff members can sometimes do more damage, whether intentional or not. For example, an employee inserting an infected USB stick into a company computer can cause massive damage. Therefore, your organisation must ensure employees cannot plug media into USB ports or devices, usually by locking access without administrator approval.

3. Cybercriminals Don’t Attack Small Businesses

It is a widespread myth that cybercriminals only attack large businesses. In reality, many cybercriminals target smaller organisations because they likely have a weaker security system. Many recent surveys show nearly half of known cyber attacks target small or medium-sized businesses. Part of this is the belief that a successful attack would cause substantial damage and make payment of a ransom more likely.

4. Strong Passwords Are Enough

Using a long, complex password is a fantastic starting point. However, it does not offer complete protection. This is because some forms of computer virus can track keystrokes and record the entry of any passwords, no matter how strong.

The natural solution to this is to use two-factor authentication. This involves entering the password and then passing another layer of security, usually a pin code or fingerprint on a personal mobile device or entering a passcode sent to another device. Unless the hacker has access to the secondary device, they cannot gain access with the password alone.

5. It is Obvious When a Cyberattack Occurs

Not all computer viruses announce their arrival with a locked screen or ransom messages. Instead, some viruses enter discreetly and remain on the system to steal new data entries. This scenario occurred in 2018 when a popular hotel chain discovered malware that was present on the system for four years. During those four years, the malicious computer software stole customer details and passport information. As such all guests were at risk of identity theft. This demonstrates the need to actively search IT systems for unusual software.

Key Takeaways

Cyber attacks are becoming increasingly complex and require more proactive measures to counteract them. Unfortunately, some businesses suffer cyber attacks due to implementing only basic protection such as installing antivirus software. However, many business owners are now taking more interest in cybersecurity in light of the number of attempted cyber attacks on businesses over the past 24 months.

If you need help with data protection security and improving your cybersecurity, our experienced Data, Privacy and IT lawyers can assist as part of our LegalVision membership. For a low monthly fee, you will have unlimited access to lawyers to answer your questions and draft and review your documents. Call us today on 0808 196 8584 or visit our membership page.

Frequently Asked Questions

What is a strong password?

A strong password should not be short or easy to guess. So rather than using ‘password’ or ‘12345’, a strong password will use a mixture of characters and symbols, such as ‘*mYunguess@blep@55word!*’

Are there other ways of guarding my business against the financial cost of a cyber attack?

Many business owners are now obtaining cyber insurance coverage within their business insurance plans. This type of cover aims to cover your organisation for losses relating to cyber-attacks. However, these policies usually contain strict wording regarding your company having to demonstrate it took all reasonable measures to protect against attack. If you cannot show this, the insurer may not provide funds.

Register for our free webinars

Deal Structures 101: Understanding Equity, ASAs and Convertible Notes

Online
As a startup founder, understand your capital raising options. Register for our free webinar today.
Register Now

Common Legal Pitfalls for SaaS and Online Businesses

Online
Protect your online or SaaS business from common legal pitfalls. Register for our free webinar.
Register Now

GDPR Compliance Essentials for SMEs

Online
Ensure our business is compliant with GDPR and build trust with customers. Register for our free webinar.
Register Now
See more webinars >
Thomas Sutherland

Thomas Sutherland

Read all articles by Thomas

About LegalVision

LegalVision is an innovative commercial law firm that provides businesses with affordable, unlimited and ongoing legal assistance through our membership. We operate in Australia, the United Kingdom and New Zealand.

Learn more

We’re an award-winning law firm

  • Award

    2024 Law Company of the Year Finalist - The Lawyer Awards

  • Award

    2024 Law Firm of the Year Finalist - Modern Law Private Client Awards

  • Award

    2023 Economic Innovator of the Year Finalist - The Spectator

  • Award

    2023 Law Company of the Year Finalist - The Lawyer Awards

  • Award

    2023 Future of Legal Services Innovation - Legal Innovation Awards