Protecting Your Data From The Outside-In and Inside-Out
Many of the common cyberattacks facing businesses in the Middle East are nothing new. The modern threat landscape contains several familiar foes, from malware and ransomware to phishing and cloud account compromise.
Proofpoint’s 2022 State of the Phish Report findings confirm that email remains the number one threat vector. Globally, a massive 83% of survey respondents said their organization experienced at least one successful email-based phishing attack in 2021, a 46% increase over 2020. More than three quarters (78%) of global organizations saw email-based ransomware attacks in 2021, while 77% faced business email compromise (BEC) attacks, an 18% year-over-year increase from 2020. These figures reflect cybercriminals’ continued focus on compromising people, as opposed to gaining access to systems through technical vulnerabilities.
While it’s evident that email remains the number one threat vector for cybercriminals, organizations in the Middle East must also be aware of additional heightened threats that the commonplace work-from-anywhere model brings.
The global shift to hybrid working models has increased reliance on collaboration platforms and cloud technologies to maintain business continuity while employees are working from anywhere. In addition, organizations are creating and moving more data than ever – with significant amounts of this data being stored in the cloud. This in turn creates increased security risks for organizations – the more cloud-based platforms they are using, the greater their attack surface.
Looking at data protection from the inside-out
Hybrid environments are a firm fixture of the modern workplace. But while this approach can bring benefits through increased morale, greater productivity, and lower costs, it is not without its challenges.
Staff working outside the norms of the office environment may also behave differently. And, backed by a host of powerful collaboration tools, it is easier than ever to share and expose sensitive information – both unintentionally and maliciously.
This now-familiar environment has seen the number of insider incidents increase by an incredible 44% in the past two years, with total annual costs running to $15.4 million, up from $11.45 million in 2020.
- 83% of survey respondents (globally) said their organization experienced at least one successful email-based phishing attack in 2021, a 46% increase over 2020
- 78% of global organizations saw email-based ransomware attacks in 2021
- 77% of global organizations faced business email compromise attacks (BEC)
CISOs in the UAE have already shown awareness of this growing risk. In Proofpoint’s Voice of the CISO 2021 Report, insider threats were the biggest concern in terms of cyber risk, cited by 29% of respondents. This was followed by phishing (28%) and Business Email Compromise (25%).
While we can’t attribute the overall rise in insider threats to a single factor, the shift to work-from-anywhere and the “Great Resignation” have both exacerbated these risks. It’s easier than ever for employees to share and expose large amounts of sensitive information – both carelessly and maliciously.
Employees are leaving companies at high rates and going to competitors. Not all of these employees think they’re doing anything wrong, and quite a few of the biggest cost areas come down to simple negligence. Many are even endangering data simply by working around business processes that have been broken or stretched by the transformation in how they now need to work.
In fact, in a majority of cases, data exposure is unintentional. Almost three-quarters of insider threats are careless or negligent.
Compromised insiders are also on the rise, though. Credential theft increased from 14% of incidents in 2020 to 18% in 2022. These incidents are also having a greater impact on the bottom line: the cost of credential theft to organizations increased 65% from $2.79 million in 2020 to $4.6 million in 2022.
Protect your people, protect your data
Naturally, the cyber challenges facing enterprises today are not focused on one front. Whether it’s external threats, or those from within, a robust cybersecurity strategy must involve your people. Employees should be empowered to identify the threats they face externally and the steps they can take to avoid creating internal risks.
Proofpoint’s State of the Phish findings reveal that global workers still have a low level of understanding of certain threats, along with misconceptions about who is responsible for keeping threats at bay. For example, almost half (49%) of global respondents believe that all dangerous emails will be automatically blocked by their organization. This misalignment could lead to an accidental insider threat.
Your staff also may be unaware of the steps they need to take when working outside the office, or they may be simplifying tasks for ease. It could even be the case that disgruntled employees or leavers working out their notice are intentionally seeking to harm your bottom line.
Security is a shared responsibility. We must empower people, at all levels within our organizations, to understand security and the risky behaviors that can lead to breaches. Training and awareness programs are crucial, but one size does not fit all. Make sure your program is from the perspective of the user – make it relevant to their work and personal lives.
Every member of your team should understand all policies, regulatory and security requirements related to their work – wherever they carry it out. Most importantly, they must understand the potential consequences of failing to comply with these stipulations.
As with any new development in the way we work, the risks associated with hybrid environments can be mitigated. But the time to act is now. The longer bad habits form, the harder they are to break.