It's time for an enterprise security education week

There's still the need for greater awareness of enterprise security risks, according to Davey Winder...

Education technology
I'm not usually one to advocate the likes of the consumer oriented 'Get Safe Online' campaign, which ran last week, not least because I think they are a waste of time. However, I am fast reaching the conclusion that something similar is required within the enterprise space. The alternative, I fear, is we start waving a white flag and surrender to the bad guys.
Advertisement - Article continues below
Don't get me wrong, I'm not falling into the trap of slagging off awareness campaigns for the sake of it, but organising coffee mornings, talking to 'vulnerable users' and spreading the word about cyber security is pointless unless the message is heard, understood and implemented further up the food chain.
Likewise, teaching kids about cyber-security skills from the age of 11 as part of the national curriculum might be good PR in the run up to a general election, but will do little unless it's properly taught and that means using teachers whop properly understand the issues and how to solve them.
Will the government make sufficient money, any money, available in order to teach the teachers? I doubt it. Will the government produce sufficient incentives for members of the IT security business sector to donate time and effort to teach the kids? Ditto. That ditto effect carries over to the Get Safe Online debate, and my argument that we need to be moving the emphasise from just educating the end user to educating the technology providers as well. I can sum my side of the debate up thus: end users are idiots for using weak passwords, ditto to the providers that let them. End users are idiots for sharing passwords, ditto to the providers that do nothing to prevent this behaviour. 
Advertisement - Article continues below
Advertisement - Article continues below
Why should the enterprise care? Because you can swap end user and employee with impunity, the end results are the same. According to Chris Sullivan, vice president of Advanced Solutions at security outfit Courion, some 61 per cent of security incidents are caused by rogue employees and 13 per cent of data breaches feature an abuse of access privileges. Still not convinced that training and education are critical?  
According to research from Centrify Corporation, the average employee wastes 261 a year (in lost productivity) trying to manage multiple passwords, which soon adds up in the average enterprise. So why aren't you educating them to prevent this? In fact, why aren't you providing a better system so they don't have to?
So, who's with me; who's up for an Enterprise Security Education Week and who's going to get the ball rolling?
Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now


video conferencing

Zoom 5.0 adds 256-bit encryption to address security concerns

23 Apr 2020

WhatsApp flaw leaves users open to 'shoulder surfing' attacks

21 Apr 2020
cyber security

Microsoft AI can detect security flaws with 99% accuracy

20 Apr 2020

Businesses brace for second 'Fujiwhara effect' of 2020 as Patch Tuesday looms

9 Apr 2020

Most Popular


Nokia breaks 5G record with speeds nearing 5Gbps

20 May 2020
cloud computing

Microsoft launches public cloud service for health care

21 May 2020
video conferencing

House of Commons to ditch Zoom in favour of British alternative

11 May 2020