'Human negligence' is a criticial weakpoint in cybersecurity

Integrated and concrete efforts are required to thwart cybersecurity threats and control cybercrimes as it has become a serious global issue and needs to be addressed at the earliest, says a top official of Pakistani investigation agency.

Sanaullah Abbasi, director-general of Federal Investigation Agency (FIA), said that estimated cost of cyber offences on organisations globally had flown up to $400 billion as the entities and businesses rarely invest in and plan for the human component of cybersecurity until after a breach has occurred. For major security breaches, this can cost the organisation millions of dollars.

“Human factor is a critical weak point in cybersecurity,” Sanaullah Abbassi, director-general, Federal Investigation Agency (FIA), said while addressing a conference organised by Gulf Information Security Expo & Conference (Gisec) Global 2022 in Dubai recently.

Human negligence

Referring to a recent study carried out by the IBM, he said that 95 per cent of cyber security breaches were perpetrated due to human errors or human negligence and people should be trained and updated with latest technology tools to minimise the scope of security breach. He said human errors were often overlooked in cyber offences and hence resulted in massive cyber breaches.

“Many executives have the mindset that cybersecurity is the responsibility of IT department, rather it is everyone’s responsibility. Employee awareness should be the first line of defence of an organisation’s digital assets,” Abbassi told Khaleej Times during an interview.

Adopt tangible measures

Abbassi, an industry veteran with his decades long experience in the field of law-enforcement, suggested that 19 out of 20 cyber breaches could not have taken place if human error was eliminated or contained to an extent.

“The organisations must adopt tangible measures to address the element of human error, and build a cyber workforce, capable of rising up to the challenge of cybersecurity through recruitment of cybersecurity experts,” he said.

“Types of cyber threats and methods of prevention change every day. But, installing a culture of cyber interest and awareness equips an organisation to better handle changing cybersecurity threats,” he added.

He said cybercrimes have abundantly increased with the abundant use of internet and social media. The FIA received over 100,000 complaints from across the country in 2021 and in the first quarter of 2022, the number of complaints reached 60,000, he said.

“The FIA, despite limited resources, had successfully resolved most of the complaints and justice had been provided to the victims and punishments to perpetrators,” he said.

The Gisec Global is the region's most established and influential cybersecurity exhibition and conference truly representing the Arab World.

— muzaffarrizvi@khaleejtimes.com