Despite the growing awareness about cyber threats, many myths about cyber security still persist. Ready to separate fact from fiction? Here are some of the most common cybersecurity myths.

Myth #1 — Too much security diminishes productivity.

Some business owners worry that increased cyber security protocols will make it difficult for employees to access what they need to do their job. However, in reality, not having adequate cyber security protocols may have long-term and catastrophic consequences for your business. Many preventive measures require little hassle on the part of employees.

Myth #2 — Cyberattacks are only executed by external perpetrators.

Wrong! Insider threats are on the rise and should be a cause for concern for all businesses. Insider threats can include employees, vendors, contractors and business partners and be either a simple case of negligence or can be malicious in nature. A recent survey revealed that insider threats are responsible for more than half of all data breaches. All companies need to have plans in place to help prevent these types of attacks.

Myth #3 — Cybercriminals only attack large businesses.

Small and medium-sized businesses may wrongly assume that their data isn’t attractive to hackers. But these operations are among the most susceptible to cyberattacks. An Accenture survey revealed that hackers went after small businesses nearly half of the time. Unfortunately, only about 14% of these businesses were prepared to act defensively in such a situation.

The lesson: No matter the size no business is immune from hacking attempts and malicious attacks. Hackers don’t discriminate when it comes to their victims. So, don’t let the size of your business determine how valuable your data is or how secure your assets are.

Myth #4 — Cybersecurity and cyber insurance is too expensive

Even though the headlines paint grim stories, some companies still wonder if cybersecurity programs are worth the cost. Data security is frequently overlooked and many organizations respond reactively when they have no other option.

Just how expensive is such a mistake? Consider the fact that the average cost of a data breach in 2021 is $4.24 million, the highest in the last 17 years. This statistic doesn’t even take into account reputational losses and customer losses from a breach. One thing is for certain: The cost of a good cybersecurity plan and coverage is far less than dealing with the consequences of an attack.

Figuring out which types of insurance coverages are right for your company isn’t always easy. Here are four basic types of insurance policies that most businesses need to have —even the smallest of companies — and four other coverages that many business owners need but don’t realize they do:

Property insurance. This type of insurance covers buildings as well as personal property such as office furniture, inventory, computers and machinery. It’s basic coverage that nearly all businesses need.

Liability insurance. Having enough liability coverage is important for a growing company. Any business can face a legal claim that could be financially devastating. A client could sue after a fall in your office. A customer could file a lawsuit claiming a product is defective. Liability insurance can help a business prevent a financial disaster in the event of a lawsuit.

Commercial auto insurance. Cars driven for your business should be covered under a separate, commercial auto insurance policy.

Workers compensation insurance. Nearly all states require businesses that meet certain size thresholds to have workers compensation insurance in the event an employee is injured or dies on the job.

Depending on the type and size of the business, you may need additional coverage. Here are four types of coverage that business owners often don’t realize they need to protect themselves:

Cyber liability insurance. One study found that the average cost of a cyber attack on a company is $200,000; many attacks are more costly. Small and medium-sized companies are increasingly at risk for both attacks and devastating legal claims as a result of an attack. All businesses need to take steps to prepare for and help prevent a cyber attack and consider purchasing coverage in the event one does happen.

Employment practices liability. EPL is designed to protect companies in the event of a sexual harassment, discrimination, wrongful termination or breach of employment contract claim or any of a number of other claims made by an employee or former employee. The more employees you have, the greater the risk of a lawsuit.

Professional liability (also known as errors and omissions). Many different types of business owners need E&O insurance coverage. Businesses providing a service or advice have a unique type of liability exposure. Many E&O policies are designed for specific types of professionals, such as physicians. accountants, engineers, architects and attorneys.

Employee benefits liability. EBL is coverage for businesses that offer health insurance and other benefits. It protects them from errors and omissions that occur when employee benefit plans are administered by a company’s human resources employee(s). These types of errors happen more than you might think.