As attacks to personal devices are ramping up and becoming even more sophisticated, Cisco security experts warn of the relaxed approach to cybersecurity in the home and on personal devices. Its recent survey revealed that 73% of Saudi Arabia respondents are worried about their connected devices being hacked or attacked.
Cisco has revealed the results of its recent consumers’ security survey in the Kingdom of Saudi Arabia (KSA). The study revealed interesting trends about device security amid the significant acceleration of digitisation across KSA.
“Cisco consumer survey in KSA is giving us a tremendous insight into general approach to security when the private and the public are blending in the hybrid workplace,” said Fady Younes, Cybersecurity Director, EMEA Service Providers and MEA, Cisco. “While the pandemic has accelerated the hybrid work model and the remote access to business data, we have identified many red flags consumers should pay attention to. We have noticed that unconscious insider threats are becoming an increasingly common part of the attack chain. Even the smallest of data leaks can lead to huge implications on the cyber-safety of individuals.
“With the line between work and home permanently blurred, we are seeing that the habits used for personal activity are increasingly applied to work ones – a huge threat to organisations for whom reputation is invaluable. While organisations can’t erase human error, they can certainly mitigate it. Businesses should also be holding data securely in the cloud and allowing access based on Zero Trust principles – aligning all access with individual needs and contexts.”
Using personal devices for work
With the advent of hybrid work and against a backdrop of intensified cyberthreat, the research was conducted with the aim of understanding attitudes to cybersecurity in the home. The results in Saudi Arabia reveal the huge number of people who frequently use their personal devices for work tasks such as sending emails (67%) and frequently making business calls (66%). Only 35% have never chatted about work tasks on their personal device or worked on a business document.
Of over 1,006 polled consumers in KSA, the majority have three or more connected devices and all respondents share at least one connected device with someone else in the house. Amid a global surge in cybercrime at all levels, respondents do appear concerned about the threat of attack, with 73% saying they’re worried about their personal devices being hacked. With the number of connected devices shared in the home, 72% have updated their password in the past six months – the highest percentage across Europe, the Middle East and Africa (EMEA).
Risk is not only a factor at home, as so many people now work in public spaces or check in on work tasks on the move. The always-on mentality of so many means people are risking shortcuts to connectivity. In KSA, 56% of respondents frequently use public networks for personal tasks and 61% use them for basic work tasks.
Misunderstanding security measures
Usernames and passwords have never been a particularly effective technique for keeping cyberthreats away. Adding Zero Trust principles, including Multi-Factor Authentication (MFA) to accounts, are very simple methods for adding a strong extra layer of protection to system access.
However, 29% in KSA do not use or do not know what MFA is. As nearly every smartphone now has a fingerprint or facial scanner, consumers are choosing to use biometrics instead of passcodes to unlock and log in to applications on their personal devices. Organisations have an opportunity to leverage this technology, which is already in employees’ pockets, to drive the adoption of strong Zero Trust principles framework at work.
Inconsistent education opportunities
A major challenge in closing the gaps in cybersecurity is educating millions of people at a consistent level. When asked where they seek advice about online and device security behaviour, the answers were stacked predominantly towards asking friends and family (50%) or via social media (48%).
Subjective advice and opinions on cybersecurity can mean a deficit in genuinely robust measures. For the average person it may seem unlikely that their home Wi-Fi will be hacked, or that someone will steal their data while on a public network. However, it only takes one opportunist and a very short window of time to access and harvest the information they need.Click below to share this article