Working professionals in the Middle East are putting their employers at risk through their cybersecurity negligence, a new survey by global cybersecurity company Proofpoint has revealed.
Fueled by the adoption of hybrid work, the report said, “many employees are responsible for creating data loss challenges for their organisation.”
The report said that 38 percent of employees in the UAE and 36 percent of employees in Saudi Arabia admitted to taking documents they created with them when starting a new job.
Additionally, only 17 percent of employees in the UAE and 14 percent in Saudi Arabia “felt that they share the responsibility for cybersecurity in their organisation,” the report added.
Other assets and information UAE employees would take with them to a new job included work devices (34 percent), contact details for colleagues (33 percent), contact details for customers (25 percent) and planning materials (20 percent).
In Saudi Arabia, employees admit they would take the following with them when they start a new job include work devices (30 percent), contact details for colleagues (26 percent), contact details for customers (27 percent) and planning materials (19 percent).
“Organisations will need to work together with their employees to up their game and adapt data loss prevention and insider risk solutions to protect endpoints, cloud apps, email, and the web,” Proofpoint’s vice president, cybersecurity strategy, EMEA Adenike Cosgrove said.
The report also found out that email-based threats, were being “employed by cybercriminals targeting employees to steal credentials, siphon sensitive data, and fraudulently transfer funds.”
Threats include Business Email Compromise (BEC), ransomware, credential phishing, compromised cloud accounts, and social media hijacking attacks.
“[Threats] were all being employed by cybercriminals targeting employees to steal credentials, siphon sensitive data, and fraudulently transfer funds,” the report said.
Additionally, 53 percent of employees in the UAE and Saudi Arabia said that they check the email address of a sender before opening an attachment or clicking a link, in order to maintain a level of caution with email communications.
While 65 percent of UAE and 58 percent of Saudi employees said that their organisations delivered “cybersecurity awareness training,” the survey also showed that many employees still believe that the IT team was responsible for cybersecurity.
Emile Abou Saleh, senior regional leader, Middle East, Turkey and Africa, Proofpoint, said:
“The good news is that organisations in the Middle East are taking the right steps to raise employee cybersecurity awareness,” Proofpoint’s senior regional leader of Middle East, Turkey and Africa, Emile Abou Saleh said.
Saleh added: “An effective and comprehensive cybersecurity awareness training program that adapts to the ever-evolving threat landscape is fundamental, as employees are increasingly accessing organisational data from multiple platforms, devices, and locations. Protecting data has never been more critical.”
When surveyed personally, employees are not immune to online scams and threats, the report said.
At least 31 percent of working adults in the UAE and 29 percent in Saudi Arabia had their social media accounts hacked in the past year.
More than one in five also admitted they suffered financial losses due to fraud, while “21 percent of UAE and 19 percent of KSA respondents confessed to stolen online credentials in the past year,” the report said.
Follow us on
