You are here: silicon.com > Software > Security Strategy

Security Strategy

The weakest link in the security chain? You

"The person behind the PC" continues to be the problem

By Aaron Tan

Published: 12 April 2006 08:20 GMT

Human error was responsible for nearly 60 per cent of information security breaches last year, a new study has found.

According to the fourth annual CompTIA (Computing Technology Industry Association) study on information security and the workforce, released on Tuesday, this figure is significantly higher than the number in 2004, when 47 per cent of security breaches were blamed on human error alone.

Despite the prominent role that human behaviour plays in information security breaches, just 29 per cent of the 574 organisations worldwide that participated in the survey said security training is a must for employees. Only 36 per cent of organisations offer security awareness training, the study found.

"The primary cause of security breaches - human error - is not being adequately addressed," Brian McCarthy, chief operating officer of CompTIA, said in a statement. "The person behind the PC continues to be the primary area where weaknesses are exposed."

CompTIA also noted that in the last several years, organisations have equipped themselves with sophisticated security infrastructure that better detect and prevent attacks.

The study found that 96 per cent of respondents use antivirus software while 91 per cent have firewalls and proxy servers, in addition to disaster recovery plans, intrusion detection systems and information security policies.

McCarthy said: "As we get better from a technology standpoint, many organisations seem to believe that technology solutions alone are sufficient to turn back all attacks, and a level of complacency may be setting in."

The CompTIA security study, over the four years it has run, also indicates that virus and worm attacks are a common security concern among respondents. The lack of user awareness, browser-based attacks and remote access, were the next most frequently mentioned security problems.

Aaron Tan writes for ZDNet Asia.

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead

Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy


  • Jobs
Security Engineer - London

Security Engineer - London, City - Cisco/Checkpoint/Watchguard/CISSP - 40k-50k We are urgently looking for a network (wired and wireless) engineer to ...

Human Resources Administrator (Database Support)

Join our friendly professional team to develop and maintain our HR Database system.You'll be enthusiastic with a strong customer focus, receiving and ...

ICT Manager

Liaise with service delivery to ensure the implementation of Portfolio outputs, ensuring changes in working practice are incorporated into the QMS, ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.





Quick Sitemap Links: