Most employees clueless on digital attacks in the workplace

A majority of the Filipino companies have become more open to training their employees in cybersecurity as most of them lack awareness of digital attacks that maybe aimed at both the staff and the companies themselves, according to a survey conducted by Fortinet.

This is based on a poll of 50 executive- and management-level professionals in the Philippines and Malaysia coming from different industries including manufacturing, financial services, technology and professional services.

The proliferation of cyberattacks backed by artificial intelligence (AI) has encouraged 92 percent of the respondents to implement security training, Fortinet found out.

READ: 46% of Filipinos embrace generative AI at work — survey

The study revealed that educating the employees had become imperative as 60 percent of them were likely to fall victim to attacks due to lack of “critical cybersecurity knowledge.”

“Employees must be equipped with the skills to identify and respond to these evolving threats, serving as a strong first line of defense. However, for these initiatives to be truly effective, organizations need to regularly reassess and refine their training programs, ensuring they are engaging and relevant,” Fortinet Philippines country manager Alan Reyes said in a statement on Thursday.

Apart from cybersecurity, Fortinet noted that companies were also training their employees in data privacy and security.

The skilling programs were well-received by the companies as 92 percent of the respondents cited positive impact.

Among the common attacks targeting enterprises are malware and phishing, Fortinet noted.

Malware—or malicious software—is designed to illegally access computer systems with the purpose of inflicting damages or disrupting operations.

Phishing, meanwhile, is a scheme whereby hackers trick unsuspecting victims into providing their personal information like bank account and contact details, and even corporate data. This is usually launched via emails and mobile messages embedded with suspicious links that lead to fake websites where the victims will be asked to input sensitive data.

“As cybercriminals increasingly leverage AI to enhance their attacks, it becomes imperative for organizations in the Philippines to elevate their security awareness initiatives,” Reyes said.

With the help of AI tools, the phishing email or text scams can appear legitimate, making them more deceiving in the eyes of the recipients.

In a study last year, global technology company IBM explained that business email compromise (BEC) is among the common forms of attacks launched against enterprises.

In BEC attacks, hackers send emails embedded with suspicious links to business emails of company employees. Such a threat hopes to trick employees into providing access to the corporate IT system.