10 Cyber Security Myths for Small and Medium Size Businesses Debunked

10 SMB Cyber Security Myths Debunked

By 2021, the annual global cybercrime damage is expected to reach $6 trillion. The average cost of a security breach for SMBs is $117,000. That’s why many companies all over the world are struggling to maintain high levels of cybersecurity.

Due to the increase in activity related to this issue, false information is starting to appear. Let’s debunk the 10 most common SMB cybersecurity myths.

Myth #1: Cybersecurity is solely a technological issue

Truth: Besides beefing up the antivirus software, cybersecurity involves many other actions, including employee training and high-quality IT support as well as clear procedures and guidelines. Without proper awareness, cybersecurity technologies are mostly useless.

Myth #2: Cybersecurity requires a formidable investment

Truth: The majority of efforts required to protect your data needs a reasonable investment. They include:

  • Training employees
  • Using a VPN for working from remote locations
  • Installing software updates timely
  • Consulting IT experts
  • Planning for disaster recovery
  • Creating proper authentication steps
  • Identifying security information
  • Setting up remote work guidelines.

Any investment you make in cybersecurity is many times smaller than the costs of data breach recovery.

Myth #3: SMBs are less likely to be hit by a cyberattack

Truth: According to Microsoft, about 43% of cyberattacks are aimed at small businesses.

With only a small percentage of SMBs being ready to defend themselves against an attack, cybercriminals target them consistently. Large enterprises tend to invest more time, money, and effort in cybersecurity, thus suffering fewer consequences.

Myth #4: My company doesn’t have anything cybercriminals may want

Truth: Even if you don’t deal with sensitive information, your company can still become a target of ransomware or DDoS attack.

It’s important to know that some cybercriminals assault small companies for fun or to train before a larger attack. Meanwhile, personal information about you and your employees may be a sufficient catch for some hackers.  

Myth#5: Cybercrimes only need attention when they occur

Truth: When a cybercrime occurs, it may be too late to fix the problem without substantial losses. It’s often hard to detect the crime before it causes irreversible damages. About 60% of small businesses stop functioning 6 months after a cyberattack.  

The key to fighting the majority of cybercrimes is preventive measures.

Myth #6: If you have a firewall, you are safe against cyberattacks

Truth: Firewall and antivirus software are small parts of the big picture. Without a solid cybersecurity plan, you can’t prevent cyberattacks or react to them in a timely and efficient manner.

Myth#7: Cybersecurity is an IT issue

Truth: Many SMBs believe that the IT department is responsible for cybersecurity. While your IT team players are likely to have an understanding of cybersecurity issues, they may not have sufficient knowledge and training. If you want to set up proper preventive measures and implement security controls, you need an expert’s assistance.

Myth#8: SMBs and enterprises face different cybersecurity threats

Truth: According to Cisco, the types of attacks that SMBs and large enterprises experience are similar. Companies of all sizes face the same amount of downtime related to cyberattacks. However, larger enterprises often have higher recovery potential due to better resources.

Myth #9: SMB leaders don’t take cybersecurity seriously

Truth: Cisco survey shows that 90% of IT decision-makers have knowledge of the company’s data privacy programs.

Myth #10: By taking the right approach to cybersecurity, SMBs can be 100% protected

Truth: No matter how excellent cybersecurity preventive measures are or how much money you invest in them, the possibility of an attack exists. That’s why it’s imperative to have a disaster recovery plan.

Implementing security measures and preparing for cyberattacks are essential to SMB’s stability. To learn more about strengthening your cybersecurity, please contact us today.

Auto Complete Passwords: Safe or Dangerous?

Auto Complete Passwords: Safe or Dangerous?

Auto-complete for passwords is a feature commonly used on browsers today. It is a mechanism that allows usernames and passwords to be automatically entered into a web form. Only around 20% of US internet users have unique passwords for each online account. Many people have to manage dozens of different passwords and see auto-fill as a convenient feature that cuts down on time. Others use a dedicated application to manage passwords outside of the browser. However, this is much more dangerous than many realize.

A hacker can easily trick the browser or program by placing an invisible form on a compromised web page. 


Surprisingly, this is not only done by hackers. Digital marketers often deploy this trick to track what websites users visit. AdThink and OnAudience are both known to do this. Their goal is gathering data for marketing purposes, but IT professionals warn it would not be hard for them to steal passwords as well. 


It is quite simple to disable auto-complete in a browser. Privacy settings in most browsers can be easily accessed and the auto-complete disabled within a minute. Below are instructions to accomplish this. 

For Chrome users

Go to the Settings window, go to Advanced, and then disable under Manage Passwords.

For Firefox users

Go to the Options window, click the Privacy tab, then under the History heading, select “Firefox will: Use custom settings for history.” In the new window, disable “Remember search and form history.”

For Safari users

Open the Preferences window, select the Auto-fill tab, and turn off all the features related to usernames and passwords.

 Unfortunately, this is just one way hackers can get your information. Modern organizations with advanced technology require more managed measures against hackers.  

Contact us today at BluWater Tech for around the clock security assistance.