Most organizations tend to think of crime the way that many people do - it won’t happen to me. Because of this, many companies that could have been prepared for an attack or breach are not. Today we will review some common misconceptions, and why they are wrong:
“My company is too small to attract attentionâ€
It might be the cases like Target that take up the nightly news coverage, but that doesn't mean that smaller companies don’t get impacted by cybercrime all the time. However, it is important to remember that in the Target case, the reason why Target was attacked was because the cyber criminals had attacked much smaller contractor that does work with Target. Not only that, but Target is liable for potentially massive fines, in addition to the impact on the brand. Smaller companies can absolutely suffer if they are known to be places that are unsafe to do business with.
“I don’t really need much to protect my businessâ€
You might not think that your company needs a firewall in place to protect communications. However, unless your company only uses typewriters, this isn’t the case. It is important to have security protocols in place, especially if your company needs to adhere to certain regulations that may apply to your industry. By having some kind of protection around your company network, you do significantly more to prevent a disaster rather than just hoping for the best.
“I’ll just secure my network to be better protectedâ€
While it is very important to secure our network, it is important to remember that there are many moving wheels in the world of cybercrime. For example, an employee could bring in a flash drive from home that was infected by a virus that they weren't aware of, and by plugging it into their machine in the office, they have just infected the network behind the firewall. Securing the network to the outside is very important, but you also need to protect your network from within as well, which can be done by Anti-Virus programs and more.
“It won’t happen to meâ€
It might have been stated at the very beginning of this blog, but it is still one of the biggest problems a company can have. If you have surrounded yourself with a false image of protection, especially when you don’t have anything in place, you will be in for a very rude awakening when an attack does get through, and it typically means you didn't take any precautions such as backup. This can be absolutely devastating for any company if precautions weren't taken to ensure the company could recover from this type of disaster. A company should always have precautions in place for any type of disaster, as well as a plan to execute so they can quickly recover.
In addition, since problems always tend to happen at the worst possible time, it is best to prepare for the worst-case scenario than the best; just as network outages always seem to happen at 2:00 AM, have a plan in place to identify who is responsible for what at any point in time in a cyber-attack scenario. Be ready to have someone handle the technical issues, any issues regarding company brand, and more depending on what your company does. 
Alejandro
