Here are 5 steps companies can take to prevent cyber-attacks

As businesses and governments increasingly move to digitize services and operations, cybersecurity has become a growing concern, both worldwide and in the Middle East.

Cyber-attacks, which are often politically or financially motivated, can cost companies and nations millions of dollars. There is also the threat of sensitive data or intellectual property falling into the hands of hackers.

In Saudi Arabia, several government agencies have been targeted by cyber-attacks over the past year, including the General Entertainment Authority and the Human Resources Fund (Hadaf). Accordingly, the Kingdom has been taking steps to shore up its response to cyberattacks, most notably with the launch of a cybersecurity authority in November last year.

“The hard truth is that there are data security breaches every single day across globe and this is not only limited to Saudi Arabia,” said Harish Chib, vice president – Middle East & Africa at British IT firm Sophos.

“These attacks do, however, highlight the growing concern over cybersecurity, the impact of breaches, and why cybersecurity needs to be a top priority for organizations of all sizes,” he told Argaam.

Sophos lists below five key steps for companies to follow in order to safeguard against cyberattacks:

1) Encrypt the data. Many IT organizations have steered clear of encryption thinking that it impacts performance, or that it is too complicated to effectively implement.  This is no longer the case, Chib said, adding that enterprises should encrypt their most critical data far more often than they do.

2) Ensure that contractors, outsourcers, and third-party partners take cybersecurity seriously. It is a company’s responsibility to secure data that customers have entrusted it with.

3) Take a user-centric view to security. IT departments often focus on devices and fail to see the connection between a user, their data, and all the devices (including mobile devices) that they use on a daily basis.

4) Simplify. Complexity is the “enemy of security,” according to Sophos.  Complicated tools are generally not configured correctly, do not communicate with other tools, or are not deployed at all because despite they are too difficult to use effectively.

5) Train users. Users are often the weakest link in a cybersecurity strategy, as they may frequently engage in risky cyber behavior that can leave the company vulnerable. 

Write to Jerusha Sequeira at jerusha.s@argaamnews.com