Lack of training leads to serious security lapses

Confidential company information is leaking out of organisations because of
a lack of staff training, according to a report.

Almost half of employees have never received any formal security awareness
training, while a third of organisations do not require staff to read security
policy statements.

The report, by PentaSafe, also reveals that a quarter of the 13,048
employees surveyed have not read their company’s security policy over the past
two years and in many cases the document was not readily available.

David Blackman, marketing director at PentaSafe, which carried out the
survey, said employers need to invest more in training staff on security
matters.

"There is a huge lack of security awareness and it comes from a lack of
education and training," he said. "Companies will train staff how to
sell, but they are selling themselves short with a lack of security training.

"HR and IT need to talk to each other. Security training should be
central to every employee induction. Policies should be communicated so
employees are aware of the procedures. There should be an online system so
staff can report breaches of security via a secure and private network."

Sign up to our weekly round-up of HR news and guidance

Receive the Personnel Today Direct e-newsletter every Wednesday

Email(Required)

OptOut

From time to time, we will send you emails about selected products, events and services from Personnel Today and OHW+ - but you can choose to opt-out at any time. If you do not wish to receive these emails, please tick this box.

Comments

This field is for validation purposes and should be left unchanged.

Δ

The survey shows that seven out of 10 firms admit that they have not tracked
those staff who haven’t signed the company’s security policy.

Nine out of 10 employees would open a dangerous e-mail attachment without
realising.