Cybersecurity negligence from workers putting firms at risk in ME, survey finds

A majority of workers believe their company's information technology team is ultimately responsible for online safety (Shutterstock)
Short Url

RIYADH: Hybrid working is increasing cybersecurity negligence by employees across the Middle East region, according to a survey. 

Research by global cybersecurity company Proofpoint revealed that some 51 percent of employees in the UAE admit to connecting to home or public Wi-Fi networks without knowing if they are secure, while 44 percent of Saudi Arabia-based employees make use of insecure networks. 

Other risky behaviors include using USB drives, downloading attachments and files from unknown sources, and clicking on malicious URL links.

According to the survey, only 17 percent of employees in the UAE and 14 percent in Saudi Arabia felt that they share the responsibility for cybersecurity in their organization, with a majority believing the information technology team was ultimately responsible for online safety.

Adenike Cosgrove, Proofpoint’s vice president for cybersecurity strategy for the region, said: “Employees must understand that they play a critical role in preventing data breaches and that this isn’t just an IT problem.

“As traditional working models evolve, the old ways of protecting data no longer work.”

It is not just lapses with connections that were unearthed by the survey, with the research showing 38 percent of the participants in the UAE and 36 percent in Saudi Arabia admitting that they would take documents they created with them when they started a new job.

Cosgrove added: “Organizations will need to work together with their employees to up their game and adapt data loss prevention and insider risk solutions to protect endpoints, cloud apps, email, and the web.” 

On the positive side, 53 percent of the participants in both the UAE and Saudi Arabia said that they check the email address of a sender before opening an attachment or clicking a link. 

Moreover, 65 percent of the employees in the UAE and 58 percent in Saudi Arabia said that their organization delivered cybersecurity awareness training to mitigate cyber-attacks.