According to insights from our leading Phishing simulation tool PhishGuard, 58% of users in Saudi Arabia have opened at least one phishing email.
These insights reveal that at least one out of four employees have interacted with a phishing email, either by clicking on a link or downloading a malicious attachment. In some cases, employees have gone further and submitted their personal information after clicking on the phishing link which had redirected them to a fake page.
“Phishing is a quite common entry point for the most successful attacks. Attackers are getting smarter; they now monitor social media activities to send well-crafted emails designed as if they come from a legitimate source. Also, the recent adoption of e-commerce, remote work, and financial technologies since COVID-19, has increased the number of phishing attacks” said Omar AlKathiry, CTO of Cerebra Technologies.
To limit these threats, organisations have taken the initiative to change the behavior of their employees. They started encouraging them to report any suspicious emails, and according to our statistics, approximately 5% of employees effectively reported phishing emails. As organisations continue pushing and encouraging their workforce to become more cyber aware, the percentage will consequently rise. This can effectively help the SOC (Security Operations Center) team in detecting and mitigating any future cyber threats as well as help measure the behavioral change of employees.
To ensure yourself a safe cyber experience there are several practices that our CTO Omar AlKathiri recommends following:
First of all, having a substantial level of cyber awareness is important. Unfortunately, many organisations neglect to update their workforce about the latest changes and trends in the cyber world resulting in them falling for traps launched by cybercriminals. Cyberattacks are evolving and are increasing in numbers by the minute. It is never too late to start encouraging and educating your employees about the importance of their role in digitally protecting the company.
Furthermore, protect your digital assets. Depending only on usernames and passwords for employees and third parties to access servers is not efficient nor safe. Presently, there are different services that can help ensure the confidentiality of an organisation’s assets, such as Identity Access Management (IAM) and Multi-factor Authentication (MFA). This will make tracking user access run smoothly and safely.
At Cerebra, we believe employees have a role in protecting the digital assets of an organisation. “Elevating employee awareness in cybersecurity is the first step to be protected against these attacks. Using phishing simulation solutions can be of help in achieving this step” added Omar. And the Saudi National Cybersecurity Agency (NCA) is playing a vital role in improving the cybersecurity posture within the kingdom through a different set of measures. Such as increasing cybersecurity awareness, building resilience, training Cybersecurity professionals, and developing the cybersecurity sector through multiple programs which led Saudi Arabia to rank second globally and first among the Middle East, Arab states, and Asia in the Global Cybersecurity Index (GCI).
As a Cybersecurity vendor that prioritises the human side of Cybersecurity. We, Cerebra, provide solutions that can support in raising cyber awareness through localised content and Phishing simulations, all with the goal to minimise the impact of threats in the cyberspace.