Organisations in the Kingdom of Saudi Arabia (KSA) are making gains in the fight against cyberattacks, with many organisations seeing a decline in the volume of incoming attacks and suffering less downtime in the wake of a successful attack.
The latest Mimecast State of Email Security 2022 report found that, despite email usage increasing at eight out of 10 KSA companies, only 38% are concerned about increasingly sophisticated attacks and less than a third are concerned about insufficient security budget.
“Organisations in KSA have risen to the challenge of an escalating number of email-based attacks by allocating sufficient budgets, conducting regular cybersecurity awareness training and investing in the tools and technologies needed to build greater cyber-resilience,” said Werno Gevers, Cybersecurity Expert at Mimecast. “In fact, nearly all (98%) of companies in the region have a cyber-resilience strategy in place or are actively planning to implement one.”
Many respondents actually reported fewer email-based attacks over the last year. Just under half of surveyed organisations (40%) experienced a decrease in phishing attacks, 38% saw a decrease in internal threats or data leaks initiated by malicious insiders and a third (34%) witnessed a decrease in business email compromise.
“KSA organisations are also setting an example in building greater resilience against ransomware attacks, which are expected to cost organisations US$265 billion globally by 2031,” added Gevers. “While six in 10 organisations suffered a ransomware attack in the past year, the average downtime is only five days compared to a global average of over seven, 17% of KSA companies say they experienced no downtime, far outpacing other regions where – when looking at a global average – as little as 2% of companies could claim the same.”
Improved employee awareness is paying off
One of the keys to KSA organisations’ success in the fight against cybercrime is the widespread use of cyber awareness training to equip employees with knowledge and tools to avoid risky online behaviour and minimise potential compromise.
“Just 44% of organisations in KSA provide ongoing cyberawareness training to employees –nearly double the global average of 23%,” said Gevers. “This appears to be translating into some positive behaviour: only two-thirds of organisations said they were concerned over employees using personal email against a global average of 81%, while 60% admitted to being worried that employees overshare company information on social media, compared to 80% of organisations globally.”
Click below to share this article