ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Jobs
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Industry watch Toolkit

Poor training causes security holes

Will Sturgeon Silicon.com

Published: 27 Mar 2003 18:14 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Human error in the workplace still poses the single biggest threat to corporate networks, with a lack of training being blamed for problems businesses should have overcome long ago.

A survey commissioned by the Computing Technology Industry Association (CompTIA) revealed that 31 percent of companies have experienced between one and three "major security breaches" in the past six months -- characterised as a security breach which causes real and serious harm to a network.

Worryingly, 22 percent of respondents said none of their IT staff have received specific security training while more than two thirds of companies polled said only a quarter of their IT staff are trained on security issues.

Unsurprisingly therefore, almost all companies -- 96 percent -- said there is a need for more security training among IT staff.

Matthew Poyiadgi, CompTIA's regional director, UK and Scandinavia, said in a statement: "We think the results are pretty staggering. Where organisations have looked primarily to technology for network safety, human error looks to be a major, underlying factor in more than 63 percent of identified security breaches."

Because our findings also show that security related training and certification have been under-utilised, CompTIA believes that better training and certification of IT staff will make our networks safer."

In response to the findings, one security minded techie, Mike Lee, senior security specialist at BT Ignite, highlighted an 'after the horse has bolted' philosophy towards IT security in Europe.

Lee said: "IT security in Europe is only taken seriously if a company has recently suffered an attack, been asked to comply with an audit or legal instruction, or is about to implement a new e-commerce or Web-based service. This reactive attitude to security places companies at risk -- organisations need to place greater emphasis on prevention."

For all security-related news, including updates on the latest viruses, hacking exploits and patches, check out ZDNet UK's Security News Section.

Let the editors know what you think in the Mailroom.

For all job and work-related news, or to search for a job and get information on training, go to ZDNet Jobs.

Let the editors know what you think in the Mailroom.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with Konica

Did you find this article useful?
41 out of 84 people found this useful


In association with Intel

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Industry watch


Company/Topic Alerts

Create a new alert from the list below:







Related Jobs

PROJECT MANAGER, IT OPERATIONS (IT/BANKING/FS) 40k circa +benefits

Senior Information Security and Risk Manager

SENIOR DATABASE ADMINISTRATOR (ORACLE)

Discussions

roger andre roger andre

Nasa hacker loses last-ditch appeal

Monday 13 October 2008, 6:29 PM

1 comment
johnfranks999 johnfranks999

Data Breaches - The Real Challenge and...

Monday 13 October 2008, 6:04 PM

2 comments
Telco Destroyer Telco Destroyer

xG update - money, mystery and more

Monday 13 October 2008, 5:09 PM

10 comments
df df

Predatory monopoly abuse

Monday 13 October 2008, 4:54 PM

1 comment

View All

Featured Talkback

In association with Intel
When all is said, if Microsoft produce the best product people will buy it and thats a good thing. If people have to buy their product because no one else can produce an alternative, only because interoperability protocols are kept secret, then thats a bad thing.

By: pround

Read full story:
EU court crushes Microsoft's antitrust appeal