CompTIA Survey Emphasizes Importance of Security Training

In the November 20, 2006, edition of eWeek, Brian McCarthy, COO of the Computing Technology Industry Association (CompTIA), reports on results from the 4th annual CompTIA study of information security threats and responses. He states that this year’s study revealed that human error was responsible for nearly 60 percent of data breaches, up from 47 percent last year. Given the role of human error, the shocking revelation of the study is that only 29 percent of the 574 organizations participating in the survey have a required security training program for their IT staff.

With the plethora of news stories about data breaches, it is truly fascinating that such a small percentage of organizations have implemented security training. Mr. McCarthy also points out the value that such proactive training has: “Yet among those organizations that use security training, 84 percent said that it has resulted in a reduced number of major security breaches since implementation; typically through increasing awareness, giving staff the tools to better identify security risks, and improving security measures in general and response time of staff to problems.” You mean the training actually worked???

This entry was posted on December 1, 2006 at 5:39 pm and is filed under Electronic Payment Security - General. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response or trackback from your own site.