According to a report by cybersecurity firm Proofpoint Inc., a majority of organisations in the UAE have experienced cybercrime, specifically email-based phishing attacks. The report revealed that 86% of companies surveyed had experienced at least one successful attack, with 44% of those resulting in direct financial losses. The pandemic-related job mobility and economic uncertainty have led to a higher rate of workers changing or leaving jobs, making it difficult for organisations to protect their data.
The report found that over 72% of organisations had experienced data loss due to insider actions, and 49% of employees who changed jobs admitted to taking data with them. The report also highlighted that attackers are using both tried-and-tested and emerging tactics to compromise organisations, with brand impersonation, business email compromise, and ransomware remaining their preferred methods. The report further revealed that over 18 million end-user-reported emails and 135 million simulated phishing attacks took place over a 12-month period.
The basic cyber threats are not well understood due to security awareness gaps, which can be overcome with cyber hygiene. An effective and comprehensive cybersecurity awareness training program is essential to build a strong security culture, as people-centric cyberattacks pose the biggest risk to organizations and working adults in the Middle East. Employees play a critical role in preventing data breaches and protecting data, as they are increasingly accessing organizational data from multiple platforms, devices, and locations.
The traditional ways of protecting data no longer work as the old working models evolve. Therefore, organizations must work together with their employees to adapt data loss prevention and insider risk solutions to protect endpoints, emails, cloud apps, and the web. Emile Abou Saleh, senior regional director, Middle East, Turkey, and Africa, Proofpoint, highlighted the importance of protecting data as it has never been more critical than before.