There is a great deal of false information out there about data breaches, and yet it is imperative that a company knows as much as possible about this important liability.

Here are five common myths about data breaches that could put a business at risk:

1. Small Businesses Aren't in Danger
Small businesses are at risk for cyberattacks just like big companies, . In fact, some cybercriminals prey upon small businesses exclusively because their lack of caution and proper security measures make them easy targets. Additionally, Visa said small businesses account for 95 percent of credit card breaches,  reported. One out of every 5 small businesses becomes a victim to cybercrime, according to . Of these small companies, 60 percent go out of business within six months.

2. Information Security and Information Technology Are the Same
Some people think that information security is just one aspect of the IT department. In fact, the two things are different. Information security teams focus on making sure that information is kept as securely as possible given the resources of the company. Information technology works to make sure the business run smoothly. Companies need to have both of these capabilities in the company, so that data not only is readily accessible but secure as well.

3. Threats Are Coming from the Outside Only
The reality is much of the risk behind data breaches is due to internal sources. Workers may leave their laptops unattended or use easy-to-guess passwords. This problem can be fixed with proper training. Preventing data breaches at a firm is not only the responsibility of the information security team – it is the responsibility of everyone within the company. Some businesses even begin training employees during orientation to be vigilant against cyberattacks. There are many ways to protect a company from internal risk. See some examples at the IDT911 blog.

4. Vendors Are Not a Threat
Vendors are indeed a threat - companies as diverse as Adobe, LexisNexis, J.P. Morgan and others have all experienced data breaches. Businesses shouldn't trust their vendors to do the appropriate due diligence for them. For some good ways to protect assets from vendor threats, take a look at the Knowledge Center.

5. Firewalls Are the Only Safety Net Companies Need
Although firewalls are important for keeping your networks secure in the most basic way possible, they are only one part of a larger chain of defense that will keep your company safe. Ninety-six percent of data breaches happen to companies with minimally protective firewalls, according to the .

Mark McCurley is information security advisor at IDT911 Consulting.

Leave a Reply