Knowledge on organization’s cyber security policies high in the UAE finds Trend Micro

Trend Micro today released survey results that show how remote workers address cybersecurity. More than four-fifths (82%) of remote workers in the UAE say they are more conscious of their organization’s cybersecurity policies since lockdown began in March, but many are breaking the rules anyway due to limited understanding or resource constraints. The UAE has since seen lockdown regulations ease as organizations return to work with new physical distancing and hygiene precautions.

Trend Micro’s Head in the Clouds study included interviews with 13,200 remote workers across 27 countries, including 502 remote working knowledge workers in the UAE, on their attitudes towards corporate cybersecurity and IT policies.

The results indicate a high level of security awareness in the UAE, with 88% of respondents claiming they take instructions from their IT team seriously, and 85% agree that cybersecurity within their organization is partly their responsibility. Additionally, 79% acknowledge that using non-work applications on a corporate device is a security risk. However, just because most people understand the risks does not mean they stick to the rules.

For instance:
• 58% of employees admit to using a non-work application on a corporate device, although 38% had asked permission from IT to do so. 39% of them have actually uploaded corporate data to that application.
• 40% of respondents confess to using their work laptop for personal browsing, and only 49% of them fully restrict the sites they visit.
• 36% of respondents say they often or always access corporate data from a personal device – almost certainly breaking corporate security policy.
• 6% of respondents admit to watching/accessing inappropriate material on their work laptop, and 8% access the dark web.

Productivity still wins out over protection for many users in the UAE.

“The high degree of cybersecurity awareness in the UAE as demonstrated by the survey results is not surprising given the country’s pioneering approach to delivering online services through a ‘smart cities’ strategy – this has resulted in a highly mature and aware market,” said Majd Sinan, Country Manager UAE at Trend Micro. “In the UAE, cybersecurity training should evolve not only to take different personas into account, but also the new normal of remote working. There are individuals who are either blissfully ignorant or worse still who think cybersecurity is not applicable them and will regularly flout the rules. Hence having a ‘one size fits all’ security awareness program is a non-starter.”