Do you know your cyber-Fact from Fiction?

Updated: Nov 15, 2021


Cyber-security month is drawing to a close so we thought we'd share a few questions to test your knowledge about what is fact or fiction.


1 - Small and medium-sized businesses are not targeted by hackers, cybercriminals are more interested in the larger companies. FICTION

In fact, according to the 2018 Verizon Data Breach Investigations Report, 58 per cent of data breach victims were small businesses.

Many businesses aren’t targeted specifically, but instead are victims of what is known as ‘spray-and-pray attacks’ when hackers set up automated systems to randomly try to infiltrate businesses. As these attacks are random, any business can be damaged, regardless of size.

2 - We've never had a cyber-attack so we must be ok. FICTION

Cyber threats are continually growing, and cyber criminals are experts in exploiting the latest's vulnerability or news headline to attack businesses. If you have never been attacked this does not mean that tomorrow, you will not be. Make sure that your business is prepared for an attack and can react quickly when the worst happens.

3 - My business does not have anything worth protecting from cyber-attacks. FICTION

All businesses have something that cyber criminals want, data and money. Data on customers, financial data as well as logins for other systems. The use of ransomware to encrypt and then demand a payment for the return of the data.

Top tips to keep your business cyber resilient

  • Enable Two Factor Authentication (2FA) on your important accounts, especially your email, social media, and admin accounts. If you want more information about what 2FA is look at our series of videos on YouTube.

  • Do not re-use the same password across accounts – use a password manager if you have so many accounts that you cannot remember a unique password for all of them.

  • Ensure your important data is backed up and test them. Those companies who suffered ransomware and had backups paid anyway as they have never tested their backups and could not recover their data.


Our purpose is to help SMEs with their business resilience, and we are ready and waiting to discuss your security and any other cyber-related queries you may have. Drop us a line to learn how we can help during a free 30-minute chat.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the East is not responsible for the content of external internet sites that link to this site or which are linked from it.