Connect with us

Expert Speak

Building a Security Culture in a Work-from-Anywhere World

Published

2 years ago

on

Written by Emile Abou Saleh, senior regional director, Middle East, Turkey, and Africa, Proofpoint

Protecting organizational data and credentials has never been more critical. Threat actors today realize that it’s more effective (and cheaper) to steal credentials and log in, than trying to hack through technical controls. Once they have siphoned access details from just one employee, they move laterally, stealing even more credentials, compromising servers and endpoints, and downloading sensitive organizational data. And most of these attacks start by targeting unsuspecting employees via email.

Cybercriminals understand that your people hold access to your crown jewels (your data), and that the majority can be relatively easily tricked into taking an action which could put the security of your organization in jeapordy.

Employees across all job levels and functions can put organizations at risk in numerous ways, from using weak passwords and sharing credentials to clicking on malicious links and downloading unauthorized applications. Unfortunately, many employees in the Middle East are demonstrating risky behaviours that could lead to a successful cyberattack.

According to Proofpoint data, the Middle East’s working professionals are putting their employers at risk through their cybersecurity negligence. There is a real lack of ownership when it comes to cyber security: with only 17 percent of employees in the UAE and 14 percent in KSA believing that they share the responsibility for cybersecurity in their organization.

Worryingly, today’s hybrid work environment has intensified the risky behaviours that facilitate successful cyberattacks. From using USB drives and downloading attachments and files from unknown sources to clicking on malicious URL links – Middle East organizations are at risk from many forms of insider threats. More than half (51 percent) of UAE employees and 44 percent of KSA-based employees have connected to home or public Wi-Fi networks without knowing if they are secure.

Driving behaviour change
So what can organizations do to reduce people-centric risk and drive behaviour change? As traditional working models evolve, the old ways of protecting data no longer work. Organizations will need to work together with their employees to up their game and adapt data loss prevention and insider risk solutions to protect endpoints, cloud apps, email, and the web. Data loss for organizations is more than an IT problem and employees must understand they play a critical role in preventing data breaches.

Cyber threat education for users is a part of the answer. A more sustainable and effective solution, albeit a more challenging one to implement, is building a security culture, that goes beyond compliance and training, and motivates and empowers users to keep their organizations safe.

Cybersecurity culture is defined as “the beliefs, values, and attitudes that drive employee behaviors to protect and defend the organization from cyberattacks.” It is a strong factor in the development of positive security behaviors. When employees feel responsible for helping prevent incidents it improves an organization’s overall security posture. When employees buy into the belief that security is everyone’s responsibility, it leads to higher vigilance, appropriate behavior, and prevention of data theft. Overall, it helps reduce people-centric risk.

With a strong cybersecurity culture, users learn to build sustainable habits that extend protection to their personal lives – which is even more vital in the hybrid work environment. After all, cyber threats and online scams do not end at work. Proofpoint data shows that 31 percent of working adults in the UAE and 29 percent in KSA had their social media accounts hacked in the past year. More than one in five also admit they suffered financial loss due to fraud, while 21 percent of UAE and 19 percent of KSA respondents had their online credentials stolen in the past year.

Along with the sense of ownership for an organization’s cyber security, all users need to be empowered with the right knowledge and tools to identify threats and feel responsible for doing their part to prevent attacks from disrupting or damaging the organization. When faced with threats after-hours, on personal devices, or when they least expect them, users then know how to thwart malicious cyber actors.

The good news is that organizations in the Middle East are taking the right steps to raise employee cybersecurity awareness. However, an effective and comprehensive cybersecurity awareness training program that adapts to the ever-evolving threat landscape is fundamental, as employees are increasingly accessing organizational data from multiple platforms, devices, and locations.

Related Topics:
Continue Reading

Artificial Intelligence

How AI is Reinventing Cybersecurity for the Automotive Industry

Published

4 weeks ago

on

April 23, 2025

By

Written by Alain Penel, VP of Middle East, CIS & Turkey at Fortinet (more…)

Continue Reading

Cyber Security

Positive Technologies Study Reveals Successful Cyberattacks Nett 5X Profits

Published

2 months ago

on

March 25, 2025

By

Positive Technologies has released a study on the dark web market, analysing prices for illegal cybersecurity services and products, as well as the costs incurred by cybercriminals to carry out attacks. The most expensive type of malware is ransomware, with a median cost of $7,500. Zero-day exploits are particularly valuable, often being sold for millions of dollars. However, the net profit from a successful cyberattack can be five times the cost of organizing it.

Experts estimate that performing a popular phishing attack involving ransomware costs novice cybercriminals at least $20,000. First, hackers rent dedicated servers, subscribe to VPN services, and acquire other tools to build a secure and anonymous IT infrastructure to manage the attack. Attackers also need to acquire the source code of malicious software or subscribe to ready-to-use malware, as well as tools for infiltrating the victim’s system and evading detection by security measures. Moreover, cybercriminals can consult with seasoned experts, purchase access to targeted infrastructures and company data, and escalate privileges within a compromised system. Products and tools are readily available for purchase on the dark web, catering to beginners. The darknet also offers leaked malware along with detailed instructions, making it easier for novice cybercriminals to carry out attacks.

Malware is one of the primary tools in a hacker’s arsenal, with 53% of malware-related ads focused on sales. In 19% of all posts, infostealers designed to steal data are offered. Crypters and code obfuscation tools, used to help attackers hide malware from security tools, are featured in 17% of cases. Additionally, loaders are mentioned in 16% of ads. The median cost of these types of malware stands at $400, $70, and $500, respectively. The most expensive malware is ransomware: its median cost is $7,500, with some offers reaching up to $320,000. Ransomware is primarily distributed through affiliate programs, known as Ransomware-as-a-Service (RaaS), where participants in an attack typically receive 70–90% of the ransom. To become a partner, a criminal must make a contribution of 0.05 Bitcoin (approximately $5,000) and have a solid reputation on the dark web.

Another popular attack tool is exploits: 69% of exploit-related ads focus on sales, with zero-day vulnerability posts accounting for 32% of them. In 31% of cases, the cost of exploits exceeds $20,000 and can reach several million dollars. Access to corporate networks is relatively inexpensive, with 72% of such ads focused on sales, and 62% of them priced at under a thousand dollars. Among cybercriminal services, hacks are the most popular option, accounting for 49% of reports. For example, the price for compromising a personal email account starts at $100, while the cost for a corporate account begins at $200.

Dmitry Streltsov, Threat Analyst at Positive Technologies, says, “On dark web marketplaces, prices are typically determined in one of two ways: either sellers set a fixed price, or auctions are held. Auctions are often used for exclusive items, such as zero-day exploits. The platforms facilitating these deals also generate revenue, often through their own escrow services, which hold the buyer’s funds temporarily until the product or service is confirmed as delivered. On many platforms, these escrow services are managed by either administrators or trusted users with strong reputations. In return, they earn at least 4% of the transaction amount, with the forums setting the rates.”

Considering the cost of tools and services on the dark web, along with the median ransom amount, cybercriminals can achieve a net profit of $100,000–$130,000 from a successful attack—five times the cost of their preparation. For a company, such an incident can result not only in ransom costs but also in massive financial losses due to disrupted business processes. For example, in 2024, due to a ransomware attack, servers of CDK Global were down for two weeks. The company paid cybercriminals $25 million, while the financial losses of dealers due to system downtime exceeded $600 million.

Continue Reading

Expert Speak

What the Bybit Hack Reveals About the Future of Crypto Security

Published

2 months ago

on

March 8, 2025

By

Written by Oded Vanunu, Chief Technologist & Head of Product Vulnerability Research at Check Point (more…)

Continue Reading
Advertisement

Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.