It seems a week doesn’t go by without a high profile hacking case making the news. The reality is clear: companies need to take a much more serious and proactive approach to their cyber defenses. Unfortunately there are a number of myths that surround hacking and cyber security that can make it harder for businesses to really understand how to defend themselves.

Here are seven of the most common hacking myths debunked.

Myth 1: Every hacker is a criminal

The public perception of hackers is very bad – this is because the vast majority of coverage of hackers is that of criminals stealing money, data and information. That means that most individuals and businesses think that the word ‘hacking’ is automatically a criminal behaviour. But this isn’t the case, in fact hacking was initially just a word that meant finding ways to find shortcuts and simplifications for systems. Even though the most common stereotype of hackers make them out to be something that is entirely negative, they can actually be beneficial to businesses.

Myth 2: Hacking can’t help your business

This brings us on to the second myth: that hacking can do nothing to help your business. There are actually cyber-security specialists that are known as ethical hackers that can be enormously beneficial to your defenses. It is the job of the ethical hacker to attempt to penetrate your cyber defenses using the same techniques and tactics that a criminal hacker would try. The ultimate goal of the ethical hacker is to understand the weaknesses in the system – they can then provide this information to the business so that they can take appropriate steps to improve their security.

Myth 3: -Cyber-security is an issue for the IT department

Unfortunately some businesses are still living under the misconception that cyber-security is an issue that should be dealt with solely by the IT department. Of course the IT department is vital in providing defense for the company’s systems, but you can run into trouble very quickly if you don’t get everyone in the company involved in the process. For example, if normal staff members aren’t provided with training for how to avoid password phishing emails they can fall victims to the kinds of scams that criminal hackers use. Make cyber security a priority in your business – don’t just assume that the IT department can deal with everything.

Myth 4: Small and medium-sized businesses don’t need to worry

Some smaller businesses believe that that it’s only larger companies with huge assets and lots of customer data that need to worry about hackers. But hackers target everyone from huge multi-national corporations to tiny one-man operations and it always pays to be as protected as possible from the dangers. Never assume that it won’t happen to you – according to statistics, thousands of websites are hacked every single day so you need to be prepared for it to happen.

Myth 5: It’s not helpful to challenge your cyber defenses

You need to put your cyber defenses through as many challenges as you can as this is the best way to ensure that they are as secure as you think they are. Some companies set up their defenses and then prefer to leave them untested – worrying that if they accidentally compromise the system during testing it will make it easier for hackers. The truth is that you need to check whether those defenses are effective before a criminal hacker does it for you. It allows you to make changes to the system if you find that you have problems.

Myth 6: Businesses don’t need strong passwords

It’s amazing how people will take a completely different attitude to their work passwords compared to their personal passwords. Some believe that it’s simply not necessary to use a strong password for business logins. But failing to do so leaves you and the business vulnerable to hackers. Business passwords should be a minimum of 8 characters using both numbers and letters.

Myth 7: My business has a firewall, so I’m safe

Some businesses believe the myth that if you have a strong firewall or another form of cyber defense software it can protect you from any potential attack. Sadly this just isn’t the case and there is no magic bullet when it comes to defending your system against criminal hackers. You need to invest in a broad and encompassing cyber-security that takes into account all the different ways that you could suffer an attack. Also remember that if any cyber security firm tries to present you with a solution that will keep you safe from any attack: no such thing exists.