Top ten employee security gaps

The IT Compliance Institute's top ten list of 'employee security gaps' makes sense, expanding on five key areas (training, policies and procedures, disaster recovery and business continuity planning, audits and risk analysis) that seem to be common to most organizations.

My favourite, of course, is number ten:

Train, train, and train some more

If there’s a common thread the experts all agree on in addressing each of these issues, it’s the importance of education and training. Poor training and unaware employees lie at the root of many if not most employee security breaches. All three of the interviewed security experts emphasized one point: Use real-life examples from today’s headlines to shake employees out of security complacency and to help make your points. Unfortunately, there’s no lack of those stories into the foreseeable future.