Survey cites human error as leading breach risk as firms urged to strengthen awareness
The outcome of DEEP component-II will be the development of Pakistan Business Portal at a cost of $15 million for the first fiscal year of the project, ie, 2024-25. photo: file
LAHORE:
A recent survey by Kaspersky in the Middle East, Turkiye and Africa (META) region, titled “Cybersecurity in the workplace: Employee knowledge and behaviour”, found that just 41% of professionals in Pakistan received training on digital threats. The knowledge gap is significant, particularly as the majority of cybersecurity breaches are attributed to human error.
The findings underline the need for IT departments to provide clear guidance and for organisations to implement structured, practical cybersecurity training that reaches employees at every level.
Many cyberattacks today are deliberately designed to bypass digital defences by exploiting human psychology. “Social engineering” schemes, such as phishing emails, manipulate trust and urgency to trick employees into sharing sensitive information or initiating fraudulent transactions. Around 68.5% of surveyed professionals encountered scams disguised as messages from their organisation, colleagues or suppliers within the past year, while 40% suffered negative consequences after such deceptive communication. Other cybersecurity issues linked to the human factor include compromised passwords, leakage of sensitive data, unpatched IT systems and applications, and unlocked or unencrypted devices.
Human-related cyberattacks can be prevented through appropriate education and awareness. About 51.5% of respondents acknowledged they had made IT-related mistakes due to a lack of cybersecurity knowledge.
