Jun 1, 2021 The Sophos Rapid Response team has compiled a list of the most commonly held security misperceptions they’ve encountered in the last 12 months while neutralizing and investigating cyberattacks in a wide range of organizations. These are the top 10 misperceptions, together with a Sophos counterpoint dispelling each of them based on incident responders’ experience and observations at the frontline of attacks. Misperception 1: We are not a target; we are too small and/or have no assets of value to an adversary Sophos Counterpoint: Many cyberattack victims assume they are too small, in a sector of no interest or lacking the kind of lucrative assets that would attract an adversary. The truth is, it doesn’t matter: if you have processing power and a digital presence, you are a target. Despite the media headlines, most attacks are not perpetrated by advanced nation-state attackers; they are launched by opportunists looking for easy prey and low hanging fruit, such as organizations with security gaps, errors or misconfigurations that cybercriminals can easily exploit.