Almost 83% of employees in the UAE knowingly put their organizations at risk, exposing them to potential ransomware or malware infections, data breaches, or financial loss, according to a report by US-based cybersecurity and compliance company Proofpoint.

Despite a slight global decline in successful phishing attacks, 92% of surveyed organizations in the UAE reported at least one successful attack in the past year, compared to 86% in 2022.

Financial penalties, including regulatory fines, increased by 44% YoY, in addition to a 300%  year-on-year (YoY) rise in reputational damage.

While 90% of surveyed security professionals assert that most employees know their security responsibilities, 38% of employees either expressed uncertainty or claimed no responsibility.

Security professionals believe in more training (90%) and tighter controls (92%), but 94% of employees indicated a willingness to prioritise security if controls were simplified and made more user-friendly.

“Employees must understand that they play a critical role in preventing data breaches, malware infections or financial loss and this isn’t just an IT problem,” said Emile Abou Saleh, Senior Regional Director, Middle East, Turkey and Africa at Proofpoint.

“As traditional working models evolve, the old ways of protecting data no longer work. Collaboratively, organisations and staff must enhance their strategies, integrating controls for financial integrity, data loss and infection prevention to safeguard emails, endpoints, cloud applications, and web interfaces.”

The report examined the perceptions of 7,500 employees and 1,050 security professionals across 15 countries.

(Editing by Seban Scaria