Most cyber breaches are caused by human error: cybersecurity depends on you too

Check Point Software Technologies Ltd., a provider of cybersecurity solutions globally, marks Cybersecurity Awareness Month by highlighting the need for each and every individual to prioritise cybersecurity, in both their business and personal lives, in order to fend off the ever-increasing risk of cyber-attack.

For companies, cyber risks are increasing all the time. In fact, according to Check Point Research (CPR), attacks increased by 59% compared to last year. Here in UAE, an organisation is being attacked on average 988 times per week in the last six months. A recent World Economic Forum report revealed that 95% of cybersecurity problems are caused by human error and if you add the global cyber skills shortage to the mix, then you have the perfect storm for a cybercriminal. The 2021 (ISC)² Cybersecurity Workforce Study showed that we are lacking almost three million cybersecurity professionals worldwide.

In light of this, some organisations have started to implement cyber initiatives for their employees. For example, Santander, a multinational financial services company, recently launched an incentive scheme whereby employee responses to phishing attacks are considered as part of the overall company bonus policy.

Having staff that are well trained in cyber hygiene is one of the best foundations for good cybersecurity and so, for Cybersecurity Awareness Month, Check Point Software provides some useful information to help companies identify attacks.

• Phishing: this is a technique that is often successful due to a lack of employee training. Often in the form of an email, it is when a cybercriminal will impersonate a colleague, company or institution to obtain personal data to then sell, use for identity theft or to launch further cyber-attacks. It’s important to be careful when receiving emails, particularly any that include an unusual request. You should check the sender address is legitimate, check for grammar errors and any misspelled words and don’t click on any unfamiliar links or open attachments.
• Malware: this is malicious software that is designed to harm a device or network. In order for it to be successful, the victim has to install such software on their computer, which is usually done by clicking on a malicious link that automatically installs it but it can also enter through a file such as an image, document or video attachment. Again, it is crucial to be careful when receiving emails that contain links or files and only download software from official stores.
• Ransomware: this is a type of malware attack that blocks access to systems unless a ransom is paid. For some time now, there has been double and even triple extortion ransomware, which is capable of blackmailing the victim’s customers too. Like malware, it usually enters a device through a link from a trusted company or a file downloaded to it. Therefore, it is very important not to download anything from an unknown user and utilise multi-factor authentication.