Creating a Culture of Awareness

In his article on Network Security Edge, Top 10 Information Security Threats of 2010, Kevin Prince, CTO of Perimeter, talks of two specific employee-related security threats: malicious insiders (a rising threat) and careless employees (a steady threat). In addition, remote workers are a threat that has fallen from the 2009 top 10 list but remains a major problem, nonetheless.

 

A quick scan of the news shows why employee-related threats take multiple spots in the list. For example, a lost external hard drive resulted in a data loss affecting 1.5 million people. Or the employee at Notre Dame University who posted private employee information on a publicly accessible Web site.

 

From a data breach perspective, Prince told me, careless and untrained insiders/employees create a far greater threat than malicious insiders. "Of course, when malicious insiders do something, they cause much more havoc and devastation."

 

One way for companies to protect themselves from any employee-caused breach is security awareness training.

 

"People have talked about this for years, but I am surprised at how many organizations don't do it or don't do it at needed levels to make a positive impact on their security," said Prince. "You want to create a culture of security awareness, and to do that is to create a program that is ongoing." For example, he added, his company offers a computer-based security training program that includes policies and procedures. Each month, employees are trained on a new topic.


 

"Customers tend to forgive a company when it is hacked, but have much less sympathy when it is breached from an insider incident," Prince said.


Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 



Add Comment      Leave a comment on this blog post

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

null
null

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 
Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.