Region’s users lack security awareness
Regional IT users lack awareness of security threats, delegates at an e-security forum were warned this month
Regional IT users lack awareness of security threats, delegates at an e-security forum were warned this month.
“There is a significant lack of awareness among users, whether they are general public or even enterprises,” said Rashed Al Alabbar, product manager of security at Etisalat, speaking at Etisalat’s eSecurity forum, held in Abu Dhabi earlier month.
Users have an astonishing lack of awareness about how to secure themselves and how to protect themselves online, whether using online services or normal e-mails or visiting websites, Al Alabbar warned.
“There are a lot of threats around these normal day-to-day usages and they are now constantly being exploited by hackers and attackers. If we can compare our region to Europe or the US, I would assume that probably awareness is even less here and the efforts being made to raise awareness are far less than the others,” he said.
Another issue, Al Alabbar said, is who is responsibile for security. “Is it on the consumer, is it on the end user or does it lie on the service provider whether that is a communication service provider like Etisalat or a financial service provider like banks?” he asked.
Al Alabbar said that with, for example, banking, there is a question mark over who should take responsibility for a system being hacked, whether the responsibility lies with the customer for being ignorant of threats or with the bank for not having educated the customer properly.
Banks and financial institutions are the companies most at risk in the region, Al Alabbar said, although there is an increase in attacks targeted at the general public which is generally seen as less aware and an easier target.
Phishing attacks, ID theft and denial-of-service attacks were identified as the main threats in the region, Al Alabbar added.
One of the main recommendations to come out of the forum was a call for greater regulation in the Middle East.
In comparison to the US and Europe, there is a distinct lack of regulation governing both the need for organisations to abide by standards regarding information security and to ensure the public is aware of privacy issues, Al Alabbar said.
“If we start off, we should start off with a consolidated regulation, one regulation that covers various aspects of the needs of different sectors,” he suggested at the event.