Technology

Gaps in cybersecurity policies and shadow IT leave organizations in Pakistan vulnerable: Kaspersky

Published by
Staff Reporter

ISLAMABAD: A recent Kaspersky survey entitled “Cybersecurity in the workplace: Employee knowledge and behavior” showed that 39% of professionals in Pakistan consider cybersecurity rules in their company to be excessive or not fully appropriate.

While 8% noted that their organizations do not have cybersecurity rules, or that they are not aware of them. These results show a disconnect between corporate cybersecurity policies and employee commitment to these rules, underscoring the risks associated with shadow IT and unmanaged device usage in the workplace.

Shadow IT is defined as the use of unauthorized software, devices, or services without IT oversight, and it has evolved into a critical business risk.
While often driven by employee productivity needs, it creates blind spots for IT departments. The rise of hybrid work environments, increased reliance on cloud-based tools, and the spread of AI tools have accelerated this trend.
38% of survey respondents in Pakistan said there are no policies regarding the use of non-corporate devices in their company. 17% of employees admitted that they can use their own devices to access business information, provided they have some type of cybersecurity protection, even consumer-grade software.
On the positive side, 16% said they can use their own device, but these must first pass more stringent corporate IT security checks; while 29% of respondents indicated that only devices provided by the IT function can be used for work purposes.
The situation is significantly better with permissions for employees to install software on corporate devices without the IT department’s approval. 56.5% reported that only IT specialists in their company are allowed to install software, while in 19.5%% of organizations, only top management or designated users can do so.
17% of employees can install software that is approved by the IT team. However, 7% of respondents said that all users can install any software they need without IT agreement in their organization.
At the same time, 26% of professionals surveyed in Pakistan acknowledged that within the past year, they installed software on their work devices without IT supervision.
That highlights a persistent shadow IT challenge that continues to expose organizations to security vulnerabilities, compliance risks, and data breaches.
“Shadow IT is now a mainstream operational risk. When one in five employees installs software without IT oversight, it signals a policy gap. Many organizations already have security policies in place, but employee perception must also be considered.
Organizations should move beyond restrictive controls and instead implement intelligent, user-centric cybersecurity strategies that combine strategies that integrate technology with employee awareness and responsible use,” said Toufic Derbass, Managing Director for the META region at Kaspersky.
To help organizations strengthen their defenses, Kaspersky recommends that organizations in Pakistan conduct a Shadow IT audit to identify all unauthorized software, cloud services, and personal devices accessing corporate data.
Implement robust monitoring and cybersecurity solutions, for example, from the Kaspersky Next product line with EDR and XDR tiers, to gain visibility into unsanctioned app usage and device behavior.
If employees are allowed to use personal devices, define clear minimum security requirements and enforce them through solutions such as mobile device management (MDM) or endpoint management tools.
Complement user-friendly cybersecurity policies for employees with training that demonstrates real-life risks and ways to avoid them. Solutions such as Kaspersky Automated Security Awareness Platform can help.
For employees, Kaspersky experts advise that every employee should understand their company’s cybersecurity policies. Only use applications that have been approved by your IT department and request access to specific IT resources when needed. Store and share work files only through approved platforms.
Staff Reporter

Recent Posts

Gold prices drop by Rs5,600 per tola in Pakistan

KARACHI: The gold prices in Pakistan have been reduced to Rs 424,136 following a reduction…

42 minutes ago

When will Safar moon be sighted? SUPARCO predicts

ISLAMABAD: According to Pakistan Space and Upper Atmosphere Research Commission (SUPARCO), the new moon of…

2 hours ago

11 died as house collapses in Kohat after heavy rains

KOHAT: A residential house collapsed due to heavy rain in the Malgin area of ​​Lachi…

2 hours ago

Alternative to the Strait of Hormuz Ready: UAE Decides to Build New Port

ABU DHUBAI: The United Arab Emirates has prepared a plan to establish a new multi-purpose port…

2 hours ago

Afghan Women’s refugee team could Play International matches by 2030

DUBAI: The International Cricket Council (ICC) is considering plans that could allow the Afghan women's…

3 hours ago

US-Iran tensions spark fears of fuel price hike in Pakistan

ISLAMABAD: Escalating tensions between the United States and Iran have once again unsettled global oil…

3 hours ago