Human firewall vulnerability: 21% of companies in Saudi Arabia do not train employees on IT

According to Kaspersky’s Business Digitization survey, only 33% of companies in Saudi Arabia organized trainings on cybersecurity for their employees. 21 of businesses did not organize any IT-related trainings for their employees, even on basic IT functions. If an employee lacks digital skills & knowledge, it may produce serious risks for the cybersecurity of the whole organization: this employee can open a phishing link or download ransomware on a corporate device and it will result in financial and reputation losses for the company.

There is a demand for training among employees in Saudi Arabia as many as 31%% would like to see more regular trainings on cybersecurity. Most often these are requested by employees working in the spheres of construction and engineering, education, hospitality.

“The ‘human firewall’ is one of the key defenses from cyber incidents. Third party research showed that 95% of cybersecurity threats are in some way caused by human error. This is why workers on any level — from top managers to interns — should receive proper cybersecurity training,” comments Emad Haffar, Head of Technical Experts at Kaspersky. “Kaspersky offers the Automated Security Awareness Platform to contribute to the education and upskilling of employees at all levels. The Platform is an online and on-premise tool that builds strong, practical cyber-hygiene skills for employees throughout the year.”

“At the same time, organizations should be ready for the human firewall breach and the threat from within, and for that they need 360-degree protection. Extended Detection and Response – XDR – is a cybersecurity solution that plays a significant role in addressing advanced threats, going beyond traditional Endpoint Detection and Response by providing extended visibility and analysis across multiple security layers and domains.”

To help your employees improve their digital skills, Kaspersky experts recommend:

  • conduct regular checkups to understand what digital skills are most needed for business;
  • organize cyber literacy courses and trainings for employees so they could improve their skills – use Kaspersky Automated Security Awareness Platform, an online learning tool that would help to train employees about relevant topics in cybersecurity;
  • make sure employees know about trending cyberthreats like phishing, scam, ransomware attacks and how to recognize and avoid them;
  • check your endpoint protection solutions, including antivirus and anti-malware software;
  • use Endpoint Detection and Response (EDR) solutions for real-time visibility into endpoint activities, allowing for the detection, investigation, and response to security incidents on individual devices;
  • use XDR for integrating and analyzing data from various security sources, including endpoints, networks, email, and cloud platforms. This comprehensive visibility allows security teams to detect and respond to threats that may target different parts of the organization.