'Zero trust policy': UAE cybersecurity experts say staff awareness could cut attacks by half

Companies need to educate, train and create awareness among staff against cyber threats because this will eliminate a significant amount of cyberattacks, industry executives said on Wednesday.

“Firms need to educate their people about cyberattacks. If all people know about cyber threats, then half of cyberattacks can be eliminated automatically. Even if it still happens, then large firms must have a rapid response team which will definitely help. You should also have a zero trust policy in place in your organisations,” said Padam Kafle, head of innovation, Aster Digital Health.

Kafle was speaking during a panel discussion at the FutureSec Summit 2024 organised by Khaleej Times on Wednesday. Dozens of public and private sector executives attended and spoke at the one-day summit.

Stay up to date with the latest news. Follow KT on WhatsApp Channels.

He noted that the first criterion of how well prepared firms are to deal with cyber threats is how quickly they can detect and recover from the cyber attack.

Jayakumar Mohanachandran, group chief information officer, Buzeki Enterprises, said human is the weakest link in the organisation, but companies can turn them strongest by raising awareness and training.

“But it is ignored by many organisations and the importance of this is very high in the age of artificial intelligence (AI). You can bring a lot of simulation and training with the help of AI itself. If firms integrate cybersecurity into everything, they will rarely miss training and awareness. It should be comprehensive and you make sure that all employees go through it. It is not just junior staff who might have clicked on phishing email, it can go up to senior level also,” he said.

• Number of successful cyberattacks in the Middle East tripled in Q1 2024, study shows