Thought Leadership

Debunking 10 Common Cybersecurity Myths

10 Common Cybersecurity Myths

(December 21, 2022) With virtually all companies today dependent on technology to some degree, protecting essential computer systems and data is a business-critical requirement. However, some common misconceptions may be putting your organization at risk.

Here’s a closer look at 10 common cybersecurity myths:

  1. Hackers only go after large companies.

Often, the exact opposite is true — hackers often target small companies because they don’t have the security resources of large enterprises. According to Verizon’s 2022 Data Breach Investigations Report, 61 percent of small to midsize businesses (SMBs) were the target of a cyberattack last year.

  • You will know immediately when your business is infected.

Many of today’s attacks use malware that can remain undetected for weeks or months, and hackers often open back doors that enable them to move laterally throughout the network harvesting sensitive data. According to IBM, it takes companies more than seven months on average to identify a breach and another two months to contain it.

  • Cybersecurity is an IT problem.

Security is the concern of everyone, from the CEO or president on down. When top executives make security a high priority, it tends to permeate through the company. Training and awareness programs are essential for making cybersecurity part of the company culture.

  • Law enforcement will protect me from a cyberattack.

Law enforcement has a role in holding cybercriminals accountable, which is why you should notify law enforcement if you are the victim of a cyberattack. But law enforcement doesn’t have the manpower, budget, or resources to prevent attacks or track down all cybercriminals.

  • Hackers are mostly amateurs.

Cybercrime is a business, and business is booming. According to one recent study, the cybercrime economy is worth an estimated $1.5 trillion, roughly equal to the gross domestic product (GDP) of Brazil. Globally, cybercrime inflicted $6 trillion worth of damages in 2021, which would make it the world’s third-largest economy. Cybercriminal organizations have managers, a human resources department, formal interviews, an IT department, customer support, and help desks.

  • Cybersecurity can be fully achieved.

Security is a process, not a product. Companies must remain vigilant and continually invest in training and technologies to maintain a robust security posture. It’s not a one-time investment.

  • Cybersecurity risks only come from the outside.

According to research by Vanson Bourne, insider threats are responsible for nearly 75 percent of cyberattacks. While some may be malicious attacks from disgruntled employees, most result from users who unintentionally mishandle sensitive data or commit policy violations.

  • Antivirus and antimalware software keep you completely safe.

Those are two essential elements of any security plan, and they will indeed stop a fair number of attacks. However, increasingly sophisticated threats are designed to defeat these measures. The best approach combines layers of protection to discourage hackers.

  • Public Wi-Fi is safe if it requires a password.

Although passwords are helpful, using Wi-Fi in a public place such as a coffee shop carries inherent risks. As a technology, Wi-Fi is more vulnerable than wired connections to data theft, eavesdropping and other potential hacks. If you do connect to a public Wi-Fi hotspot, be mindful when accessing important business, financial or personal data.

  1. All IT professionals are security experts.

IT pros tend to have expertise in specific technology disciplines. Network architects, hardware engineers and systems analysts may have very little cybersecurity training. In fact, there is a global cybersecurity skills shortage.

Dispelling security myths is only the first step — few organizations have the expertise and resources to effectively guard against cyberattacks. Qualified managed services providers (MSPs) have invested in the tools and talent to implement and manage comprehensive cybersecurity solutions. An MSP can assess your environment, discuss your current security posture and take steps to close any gaps.


Mainstream Technologies delivers a full range of technology services in Arkansas and the surrounding region including managed technology services and consulting, custom software development, and cybersecurity services. We also offer industry-leading data center services in our Little Rock facilities. Established in 1996, Mainstream has earned a reputation for delivering quality, reliable, and professional technology services for public and private-sector customers across the United States.

Jeff Pracht
IT Business Development Manager
(479) 715-8629 Office
(501) 529-0008 Mobile

Contact Us

  • Industry

  • Category

  • Regulation

  • Solution