Home > Security News > Meta: Improve awareness of security issues
Security News:
EMAIL THIS

Meta: Improve awareness of security issues

By Edward Hurley, SearchSecurity.com News Writer
13 Oct 2003 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

It's almost a cliche that end-user awareness of security issues is critical to keeping a company secure. But recent research from the Meta Group confirms it and offers suggestions for improving the situation.

The Stamford, Conn.-based research firm found that more than 75% of companies see the lack of user security awareness as detracting from their security programs. About two-thirds of companies see the lack of awareness among executives as having a similar impact.

Teaching users about security is not an easy task. Security professionals tend to be more comfortable fiddling with firewalls or installing intrusion-detection systems than educating end users about safe computing practices. Moreover, management doesn't usually expect security professionals to be skilled communicators.

"Most organizations will fail to successfully secure their technology environment simply because the security staff lacks the communication skills to create this shift in corporate culture," said Meta in a statement.

While the awareness problem is nothing new, answers aren't obvious. Some organizations go so far as to make awareness programs a requirement, but few of these programs are funded, according to Meta.

A good way of measuring security staffs' communication skills is to look at how well users understand corporate security policy and safe computing practices.

Helping security pros develop those skills requires a supportive corporate culture and years of investment. For example, communication skills should be considered during the hiring and annual review processes, much as technical skills are.

Obviously, having employees with solid technical skills is important, but "the importance of communicating security policy to end users is critical to obtain their cooperation in security initiatives and therefore should not be given short shrift," Meta said. "As security teams focus on policy and audit/compliance, the success of those security initiatives depends on obtaining cooperation from end users, executive management, and IT and business managers."



Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


More Tips to Secure Your Network
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts