This year's security survey by CompTIA (the Computing Technology Industry Association) reportedly indicates an increase in the proportion of security incidents relating to human error - up from less than half last year to just under 60% this year. "The most frequently mentioned cause for these errors was failure of staff to follow internal security policies and procedures. Clearly, it is still the human behind the PC that requires behavior modification when it comes to safe computing practices. But there is a disconnect in the responses that organizations are marshalling to combat the threats posed by their employees. Just 29% of organizations surveyed said that information security training is a requirement at their company. Yet among those who require security training for all employees, 84% said such training has resulted in a reduced number of major security breaches since implementation." Whilst we might quarrel with the author's specific reference to 'security training', we would wholeheartedly agree with the thrust of his article. [We are awaiting formal publication of the CompTIA survey report. This article is dated tomorrow.]
More security awareness resources
No comments:
Post a Comment