Cyber security awareness lacking

The human factor is the weakest link in corporate information security defences according to the Global Cyber Security Survey, completed by The Information Technology Association of America (ITAA) and Brainbench. The study indicates that individual computer users overwhelmingly believe that cyber security is someone else's problem, not their own; many people have gained their cyber security skills through informal channels; and a substantial number think that their employers are doing at best only a fair job of giving people the education and training they need to avoid harmful situations. The online survey measured the opinions of almost 800 knowledge professionals around the globe.

Key findings:
* Most American workers feel their co-workers are the problem. While survey respondents tend to rate themselves highly, they tend to give their co-workers low-to-failing grades with respect to cyber security. 65 percent of respondents said their co-workers ignored it, didn't want to be bothered or just didn't know what to do.

* A significant percentage of workers (46 percent) have either no formal training in information security practices or they learned information security 'here and there.' Only 39 percent of respondents say they received their training on the job.

* The survey shows that a significant portion of the respondents, or 36 percent, are either not sure what to do about the cyber security issue, or are not particularly interested in taking any steps to protect their organisations' infrastructure.

* When dealing with cyber security issues, employees often shift the responsibility elsewhere, with just about half (49 percent) of survey respondents saying their company is doing a poor job, or is providing little, sporadic, incomplete or no security information at all.

www.itaa.org/infosec

•Date: 19th June 2003 •Worldwide •Type: Article •Topic: ISM
Rate this article or make a comment - click here