While it’s akin to telling the person next to you that the sky is blue, a recent study by the Enterprise Strategy Group (ESG) confirmed that people present the greatest security risk of all.
While it’s no secret that people are the weakest link when it comes to security, the researchers at ESG wondered, ‘if it’s commonly known that people are what are causing security vulnerabilities, why is it continuing to happen at such an alarming rate?’ According to their findings, the ESG says that it comes down to two things: Training and communication.
The ESG found that that out of all the security professionals they surveyed, more than half of them said communication and training of users on how to use confidential data was the most important part of creating successful security practices. But over one fourth of those same professionals gave the company they worked for a rating of ‘poor’ or ‘fair’ when it came to training employees on proper security practices, saying that their company spent more money on technological solutions then they did on proper security training.
And these findings were recorded during better economic times.
Without delving into the doom and gloom too much, it’s important to note that training and communication are some of the first ‘overhead’ to get cut during a financial crunch. If companies were already doing a poor job of training their employees on proper security practices before the recession, it’s frightening to think of what security training (or lack thereof) looks like now.
In times like this, it’s more important than ever to keep security strong so attackers don’t take advantage of under informed employees. Companies might want to reconsider spending money on technological solutions instead of security training because in the end, those ‘technological solutions’ are only as smart as the people who use them.
Has security training been cut due to the economy where you work? If so, have you experienced more vulnerabilities than usual? Let us know by leaving a comment below. You can also read more about the ESG’s findings on CNET.
Keep the local security community going strong by becoming a subscriber of our site. You can also spread the word about NovaInfosecPortal
by passing this post along to a friend.