This study assessed users' awareness of cyber security practices for preventing data attacks. The study employed a descriptive research design and quantitative research approach. A random sampling technique was used to select a sample of 65 respondents. Data were collected through structured questionnaires. Descriptive statistics such as mean and standard deviation were used to analyse data. The validity and reliability of data collection tools were ensured. Findings revealed that the user's awareness of cyber security practices on prevention of data attacks was high in the selected case for study, which remains anonymous. The study recommends that due to the rapid changing of technology, the organisation should prevent risks from various sources, including internet-borne attacks, such as spyware or malware, user-generated weaknesses, such as easily guessed passwords or misplaced information, inherent system or software flaws and vulnerabilities and subvert system or software features.