Poorly trained staff still the biggest threat to your network

NEWS Human error in the workplace still poses the single largest threat to corporate networks, with a lack of training being blamed for a problem which businesses should have overcome long ago. A survey commissioned by the Computing Technology Industry Association (CompTIA) revealed that 31 per cent of companies have experienced between one and three "major security breaches" in the past six months - characterised as a security breach which causes real and serious harm to a network. Worryingly, 22 per cent of respondents said none of their IT staff have received specific security training while more than two thirds of companies polled said only a quarter of their IT staff are trained on security issues. Unsurprisingly therefore, almost all companies - 96 per cent - said there is a need for more security training among IT staff. Matthew Poyiadgi, CompTIA's regional director, UK and Scandinavia, said in a statement: "We think the results are pretty staggering. "Where agencies and companies have looked primarily to technology for network safety, in over 63 per cent of identified security breaches, human error looks to be a major, underlying factor. Because our findings also show that security related training and certification have been under-utilised, CompTIA believes that better training and certification of IT staffs will make our networks safer." In response to the findings, one security minded techie, Mike Lee, senior security specialist at BT Ignite, highlighted an 'after the horse has bolted' philosophy towards IT security in Europe. Lee said: "IT security in Europe is only taken seriously if a company has recently suffered an attack, been asked to comply with an audit or legal instruction, or is about to implement a new ecommerce or web-based service. This reactive attitude to security places companies at risk - organisations need to place greater emphasis on prevention."