In a flash, the world has been thrust into a new way of working.
Employees are working outside of the formalities of the office environment – and many are not used to this. All are facing new logistical and productivity challenges, and cybercriminals have wasted no time in leveraging this. By launching campaigns that aim to take advantage of the new reality, cybercriminals are using social engineering to trick users who are typically more distracted than usual. Despite many businesses restarting office-based work in the UAE, there are still many people relying on online platforms to perform their daily tasks remotely. Eighty-two per cent of organizations in the UAE faced at least one cyber attack in 2019, with more than half (55 per cent) of CSOs and CISOs citing human error and lack of security awareness as one of the biggest IT security risks.
A few research analysis
There are organizations in the UAE maturing in the way they approach their cybersecurity strategies. Different research highlights how UAE companies are optimistic that cybersecurity will become more of a business priority moving forward, with 50 per cent reviewing their cybersecurity strategy twice a year or more and 69 per cent expecting their cybersecurity budget to rise by 11 per cent or more over the next two years. Cyber-attacks increasingly target people rather than infrastructure, and this requires a new approach by organizations: one that puts employees at the centre of their cyber threat mitigation plans. It is vital that organizations in the UAE, as well as across the globe, recognize the human factor threat and embrace a people-centric approach to their overall cyber strategy. A key component of this is a continuous, customized, and holistic training program.
The more relaxed home environment may also lend itself to the potential bending of cyber security best practices expected in the office. For example, using personal machines for convenience, using corporate machines for personal activity, poor password hygiene, or failing to properly log in and out of corporate systems.
With the UAE being the second most targeted country in the region for cyberattacks, the need for companies to become cyber resilient has become of utmost importance.
How to protect yourself from the attacks
However, actions now go beyond firewalls and anti-viruses. Here is how to keep your infrastructure protected, according to Dubai-based tech support and solutions company Geeks:
1. Start with the team:
Cyberattacks usually start at an individual level. Be sure to educate and train employees on a regular basis to increase awareness of security threats.
2. Conduct regular audits of systems and software:
Constant reviews of policies and procedures, as well as reducing users’ privileges to a minimum, will help reduce potential threat channels.
3. Stay on top of patch updates:
Hackers target vulnerabilities that were fixed in the latest software versions in the hopes that companies have not updated them yet.
4. Implement a solution that covers all vulnerable channels:
These include emails, web browsers, and applications. Create information flow between employees to help recognize potential phishing attempts.
5. Stay up-to-date on new technologies:
Just as new hacking methods appear every day, so do new solutions and technologies to counter them. Remain up to date to help your company stay covered against the newest types of threats.
6. Backup your data:
Make sure your files are backed up to prevent a data loss disaster. Do not forget that it is just as important to test your backup as it is to have one.