We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Majority of UK workers 'get no IT security training'

Forget the intrusion detection kit, start talking to your employees

The majority of UK workers have no instruction from their employers on how to protect themselves from data loss or malicious software, according to research.

A snapshot survey of 700 UK workers reveals that nearly two thirds (64 percent) do not receive any training or material to educate them on IT security issues, such as how to avoid downloading malware or how to prevent the loss of sensitive data.

Whether the survey is definitive or not, the findings should worry IT security professionals who have long understood that insider threats are the greatest danger.

The results should also be of concern to compliance and audit teams who are charged with ensuring staff are adequately briefed on security.

In addition, a quarter of workers (23 percent) did not believe that the protection of sensitive data was even an issue in their workplace.

But despite this lack of training the survey - from security firm Guidance Software - reveals that most employees are taking a responsible approach when it comes to protecting corporate data.

Whilst just 16 per cent believe that it is the sole responsibility of the IT department to enforce policies to protect sensitive data, 61 percent believe that all employees are responsible for playing a part in the protection of company data.

A similarly high proportion - 50 percent - believe that it is not acceptable for employees to connect their own personal devices such as iPads or MP3 players to the corporate network.

Frank Coggrave, of Guidance Software, said, "What is most concerning about this data is the chasm that exists between businesses and their employees.

"A large proportion of workers clearly believe they play an important role in protecting against malware attacks and keeping data secure and half understand the risks associated with devices. But the majority are not being adequately trained."

He said IT leaders need to recognise that employees can become a security risk or an important ally in protecting against loss or theft of data or malware.

Free pizza can go a long way in helping to raise the awareness of security among employees, according to the chief information security officer (CISO) of Lehman Brothers Holdings.

Speaking on a panel at the recent Infosecurity Europe conference in London, Michael Everall, CISO at LAMCO LLC - Lehman Brothers Holdings, said that education, training and raising awareness of end users was key to addressing security issues around mobile devices.

Everall said that enticing end users to security awareness training sessions with the offer of pizza was surprisingly successful.

"A little bit of stick and a little bit of pizza helps to get things across," he said.


IDG UK Sites

Best Black Friday 2014 tech deals: Get bargains on smartphones, tablets, laptops and more

IDG UK Sites

What the Internet of Things will look like in 2015: homes will get smarter, people might get fitter

IDG UK Sites

Artist creates a geometric rave in a chapel for The House of St Barnabus

IDG UK Sites

Mac mini (Late 2014) 1.4 GHz review: Mac mini is sort of upgradable, but is it any good as it is?