Staff are ignorant about IT
security threats, leaving organisations vulnerable to increasingly
sophisticated computer viruses and worms, research warns.
A
survey of 1,233 private and public sector organisations by professional
services firm Ernst & Young shows that a lack of education for staff on the
basics of IT is the main gap in organisations’ security policies.
Despite
91 per cent of respondents saying that IT security was very
important, only 28 per cent cited the need to better educate and train
their staff on IT security as a top initiative.
This
might be due to the fact that only 20 per cent of the respondents said that IT
security was perceived as a priority by their chief executive officer.
Jan
Babiak, managing partner of
Ernst & Young’s Information Security Services, said : "Senior management does not recognise the
importance of information security. Persistent gaps continue to exist in
security awareness and training.”
By
Hannah Moffatt
Comments are closed.