CMI Blog

7 Common Cyber Security Myths Debunked

Cyber Security is one of the biggest risks for businesses currently, as the threat landscape is not just continuously developing, but the attacks are getting more sophisticated too. It’s particularly challenging for businesses to keep track of the new trends with several businesses suffering from massive hits throughout the year. Here are some of the biggest cyber crimes from 2021.

With several myths and misconceptions circulating, it’s hard to know which Cyber Security solutions and measures need to be implemented to ensure your business is fully protected. We’ve debunked 7 of the most common Cyber Security myths to help you distinguish right from wrong, helping you to better protect your business without putting it at risk.

#1 Small and medium-sized businesses aren’t targeted by cybercriminals

It’s a common misconception that ‘only’ large businesses are targeted by hackers. In fact, the opposite is true. Smaller businesses tend to be targeted more as most of them don’t have the budget or resources to invest in comprehensive Cyber Security solutions. Cybercriminals will not choose their target based on the size but on the level of protection a business has to offer.

#2 Our passwords are strong enough

Many businesses think that using long, complex passwords will keep their accounts and data safe. Although using very strong passwords is a good start in protecting your accounts, it’s far from enough to keep your data safe. Hackers have their methods to crack a seemingly complex password easily. To make sure cybercriminals can’t access your network or systems, businesses need to approach a multi-layered defence by employing multi-factor authentication and continuous access monitoring.

#3 I’m storing my data on the Microsoft 365 cloud, where it is fully protected

Cloud providers like Microsoft or Google do keep your cloud data safe but just to a certain extent. In the event of a data breach, for example, it’s not the cloud provider’s responsibility to protect your data, if the mistake happens on your end. It’s on the user to ensure that all Microsoft 365 data is backed up and protected. CMI offers full protection for your Microsoft 365 data – our Microsoft 365 Backup Pricing Calculator will give you a breakdown of how much you can save. Get your instant price here.

Cyber Security myth

#4 All our IoT devices come with built-in security features

Even though IoT devices offer security features, they don’t provide a high level of protection. These devices usually use off-the-shelf security and default usernames and passwords with many security flaws, creating a false sense of security. And the more IoT devices you connect, the more entry points hackers are offered.

#5 Anti-virus, anti-malware software, and firewall offer full protection from cybercriminals

Security software alone won’t keep your systems and network safe. It is an important component of a Cyber Security strategy, but it’ pretty much useless without any other security measures in place. In order to keep your data protected from cyber-attacks, you need a comprehensive strategy and follow a multi-layered approach that includes disaster recovery, employee training, threat assessment, and continuous monitoring.

#6 Once our Cyber Security is entirely set up, we don’t have to worry about it anymore.

Cyber Security is not a one-off action, it’s an ongoing process and needs to be reviewed regularly. As the threat landscape is growing and cyber risks are becoming more sophisticated and smarter, you need to carry out regular security audits and tests, monitor your systems and review your security policies. Letting your guard down means putting your business at risk of falling victim to a cyber-attack.

#7 When outsourcing an IT provider, I don’t have to worry about Cyber Security anymore.

Managed Service Providers like CMI plan a comprehensive security strategy for your business and implement the appropriate security measures, but as a business you’re still responsible for the overall security of your business and educating your staff. Human error is one of the biggest threats to Cyber Security, and training your staff is a crucial part of an effective security strategy.


Your company’s cyber security position can be rapidly improved with the help of our free, 30-minute no-obligation cyber security consultation. Book a cyber security consultation now and we can begin establishing a robust defence for your organisation.


Topics: cyber security

Graham Stead

Written by Graham Stead

Graham joined CMI following the acquisition of his previous business in 2016, having successfully run that for business for 20 years. Graham's absolute focus is on making sure that we consistently hold our clients central to everything that we do, and is often heard repeating our mantra "we exist to make a significant positive impact on our clients business". Graham and his team work closely with our clients to educate, inform, and ultimately to provide technology that delivers that positive impact. Outside of the office, he is a huge supporter of Bone Cancer Research Trust and has raised over £130,000 for them in recent years.

Know someone who
would benefit from CMI?