These days, there’s no shortage of tools to combat outside threats to IT security in organizations. However, according to a recent CompTIA study, the root of the problem could be stemming from within the company — among the non-IT staff, in particular.
“When looking at some of the causes of the security breaches, we found that it skews slightly towards human error as opposed to some type of technical malfunction or some other type of technical aspect,” said Tim Herbert, vice president of market research for CompTIA. “That’s a trend that’s of concern to many in the industry.”
Some major areas of concern for IT executives include spyware and viruses, but Herbert said user error has been inching up the list over the years.
While the need for additional training of IT employees still exists, more attention should be given to non-IT employees, Herbert explained.
“Many [IT security] issues are related to spyware, viruses or browser-based types of attacks because the non-IT staff is relying more and more on either Web applications or social networking, or working remotely [from] laptops, smart phones and so forth,” Herbert said.
Oftentimes, there is a lack of support from top management regarding the need to implement such training, Herbert explained.
“They’re aware of prominent security breaches, but they may view it more as just an IT issue and not necessarily as a business issue,” he said.
And if companies don’t deem this to be a business issue, they won’t want…
Please log in or subscribe to read this article