LAHORE: A large number of Pakistani professionals are putting their companies at risk by using work devices without proper security safeguards, a recent survey has revealed. While 70% of respondents said they use mobile phones for work alongside computers, and nearly one-third also rely on tablets, only 70.8% confirmed that they had installed cybersecurity protection on all devices accessing business data. Alarmingly, 7% of respondents admitted they were unsure whether their devices were protected at all.
The findings highlight the growing vulnerability of businesses in Pakistan as employees increasingly rely on multiple digital tools without adequate protection. Unsecured devices can become entry points for cyber attackers to steal sensitive data, spread ransomware, or disrupt operations.
The survey also showed that risky behaviors are widespread. Nearly 50% of respondents admitted to using work devices for personal activities such as streaming, gaming, shopping, or holiday bookings in the past year. Another 49.5% connected work devices to unsecured public Wi-Fi networks, while 22% reported losing a work device and 23% said their device had been stolen.
Experts warn that such practices open the door to a wide range of cyber threats. Personal use of work devices increases exposure to malicious websites and unauthorized apps. Connecting to public Wi-Fi networks, which often lack encryption, allows cybercriminals to intercept data or plant harmful software. Lost or stolen devices without proper security features—like strong passwords, encryption, or remote wipe capabilities—pose an even greater risk of confidential information falling into the wrong hands.
“With the increasing reliance on cloud services, remote work, and mobile access, businesses need to implement comprehensive security measures,” said Brandon Muller, a regional technical expert, Kaspersky. “Cyber hygiene—good IT habits, strong security policies, and robust security solutions—are essential to safeguard business systems. Endpoint protection, multi-factor authentication, regular software updates, and reliable backups are no longer optional, they are must-haves.”
To help organizations strengthen defenses, the report recommends security policies covering everything from passwords to software installations, as well as network segmentation and data encryption. It also urges businesses to provide regular employee training to build cybersecurity awareness, supported by automated platforms. Finally, companies are advised to adopt modern endpoint and network protection solutions designed to meet the needs of businesses of all sizes.