National Cyber Security Authority | Cybersecurity Myths Debunked – Common Misconceptions

Report Incident

× Home Cybertech Africa 2023 2 DPO Rw-CSIRT Website About Rw-CSIRT Alerts Advisories About NCSA Documentation News & Events Topics Contact us Opportunities Privacy Policy

Cybersecurity Myths Debunked – Common Misconceptions

Kinyarwanda version

Cybersecurity has emerged as a business and online safety imperative in the modern digital world. As cybersecurity can be a complex topic, it produces some untruths, half-truths, and exaggerations. Here are 6 cybersecurity myths and their corresponding truths to help keep yourself safe online.

1. Myth: “My strong passwords are enough to keep me secure online.”

Truth: Strong passwords are only the start. To keep yourself as secure as possible, adopt stronger authentication methods over your online accounts. Apply multi-factor authentication and automate regular password change as added measures.

2. Myth: “I’ll know straight away if I have been attacked by a malicious actor.”

Truth: Sometimes, it is beneficial to a hacker to stay unnoticed. The longer an attack stays on your machine undetected, the more damage a malicious actor can do to your system and the integrity of your data. Regularly change passwords and be pro-active in watching out for suspicious activity on your accounts.

3. Myth: “The IT department is responsible for cybersecurity.”

Truth: It is the responsibility of every employee to play their part in keeping the organization’s data, devices and IT systems safe and secure by practicing best security practices. It is everyone’s responsibility.

4. Myth: “Anti-virus/anti-malware software is enough to keep me protected online.”

Truth: Anti-virus programs won't protect you from all malicious attacks. Further, they won't protect you from hackers figuring out your passwords and other non-traditional attacks. To better protect yourself, update device software regularly, use multi factor authentication methods, be aware of the signs of a phishing email and adopt other cybersecurity best practices that deliver more robust security.

5. Myth: “Cyber threats are always external.”

Truth: Threats also exist when employees open a link sent in an email or attachment infected with a virus and risk infecting a network of connected machines. Ensure users are aware of how to spot a phishing email through the signs.

6. Myth: “I won’t get caught out because I don’t visit illegitimate websites.”

Truth: Legitimate websites can often be compromised and infected with malicious code as malicious actors’ profit from flaws in outdated browsers and website plugins. Employ regular anti-virus scans to make sure your system hasn’t been compromised.

03 February 2022

More updates

10 December 2024

NCSA conducts national cyberdrill to strengthen cybersecurity readiness

The cyberdrill aims to ensure national stakeholders can protect critical information infrastructure and minimize cyber incidents.

26 November 2024

100 Public Sector Data Protection Officers trained on ensuring Data Privacy

From November 26th - November 29th 2024, NCSA hosted a four-day training for 100 Data Protection Officers of public sector institutions.

21 October 2024

Rwanda Coding Academy students emerge winners of Cyberlympics

Cyberlympics is an online cyber-security and cyber-defence competition, which took place during the Africa Cyber Defence Forum.

15 October 2024

ACDF returns to Kigali to advance continental cyber resilience

The Africa Cyber Defense Forum is a continental platform which aims to safeguard Africa’s digital future through cooperation in cybersecurity.

Address

8 KG 7 St, Kacyiru, Kigali-Rwanda

Telecom House, 5th Floor

Contact Us

	info@ncsa.gov.rw
	9009 / 0781813310
	‎+250 791 445 224

Privacy Policy

Rw-CSIRT website

Newsletter

Subscribe to our newsletter to be the first to know about our latest updates.

© 2025 National Cyber Security Authority